Scanned pages/files
Request | Server response | Status |
http://www.her-nylons.com/ | 200 OK Content-Length: 15455 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var json_big_log_str='eyJkb21haW4iOiJoZXItbnlsb25zLmNvbSIsInN1YmRvbWFpbiI6Ind3dyIsInJlZmVyZXIiOiIiLCJxX3NyYyI6IiIsInF1ZXJ5IjoiIiwiYnJvd3NlciI6Ik1TSUUgOC4wIiwic3RyX21kNSI6IjMzNDZjYjQyYWMzZjA5ZGJlNzU5ZWQ0MWM3YjNjMzM3IiwibGFuZ19jb2RlIjoiIiwibWVtYmVyX2lkIjpudWxsLCJjaGFubmVscyI6bnVsbCwiZHJpZCI6ImFzLWRyaWQtb28tMTc2MzA0MzE2MDQ3MTk4MiIsImNsaWVudCI6ImRwLW5hbWVkcml2ZTA2X3htbCIsImxhbmRlciI6MSwidGVtcGxhdGUiOiJ0cm5zLW9yYW5nZSIsInJzIjoiMiIsImNhdGVnb3J5IjoiMjAwMDAwIiwiZmVlZDJfdXJsIjoiaHR0cDpcL1wvc3BsaXR0 if (document.getElementById('oneclick').style.display) { document.getElementById('oneclick').style.display='block'; } if (document.getElementById('oneclick').style.visibility) { document.getElementById('oneclick').style.visibility='visible'; } if (document.getElementById('twoclick').style.display) { document.getElementById('twoclick').style.display='none'; } } Antivirus reports:
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 285 Content-Type: text/javascript | clean |
http://www.her-nylons.com/test404page.js | 200 OK Content-Length: 144 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: her-nylons.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: her-nylons.com
Referer: http://www.google.com/search?q=her-nylons.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=her-nylons.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://her-nylons.com/
Result: her-nylons.com is not infected or malware details are not published yet.