Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=groovygrub.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://groovygrub.com/ | 200 OK Content-Length: 11983 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://nl-cmp.cz.cc/media.js | 200 OK Content-Length: 430 Content-Type: text/html | clean |
http://nl-cmp.cz.cc//gae.caspion.com/cas.js/ | 200 OK Content-Length: 430 Content-Type: text/html | clean |
http://nl-cmp.cz.cc/test404page.js | 200 OK Content-Length: 430 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: groovygrub.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 16 Jan 2015 17:51:25 GMT
Accept-Ranges: bytes
ETag: "486624e-2ecf-4d986bd0"
Server: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7d
Content-Length: 11983
Content-Type: text/html
Last-Modified: Sun, 03 Apr 2011 12:45:04 GMT
...11983 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: groovygrub.com
Referer: http://www.google.com/search?q=groovygrub.com
Result:
The result is similar to the first query. There are no suspicious redirects found.