Scanned pages/files
| Request | Server response | Status |
http://www.markado.com/ | 200 OK Content-Length: 163037 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://4493575.fls.doubleclick.net/activityi;src=4493575;type=count0;cat=Forsi0;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://4493575.fls.doubleclick.net/activityi;src=4493575;type=count0;cat=forsi0;ord=1? <iframe src="http://4493575.fls.doubleclick.net/activityi;src=4493575;type=count0;cat=forsi0;ord=1?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://4493575.fls.doubleclick.net/activityi;src=4493575;type=count0;cat=forsi0;ord= <iframe src="http://4493575.fls.doubleclick.net/activityi;src=4493575;type=count0;cat=forsi0;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> | ||
http://www.markado.com/js/prototype/prototype.js | 200 OK Content-Length: 163313 Content-Type: application/javascript | clean |
http://www.markado.com/js/lib/ccard.js | 200 OK Content-Length: 747 Content-Type: application/javascript | clean |
http://www.markado.com/js/prototype/validation.js | 200 OK Content-Length: 41647 Content-Type: application/javascript | clean |
http://www.markado.com/js/scriptaculous/builder.js | 200 OK Content-Length: 4744 Content-Type: application/javascript | clean |
http://www.markado.com/js/scriptaculous/effects.js | 200 OK Content-Length: 38745 Content-Type: application/javascript | clean |
http://www.markado.com/js/scriptaculous/dragdrop.js | 200 OK Content-Length: 31066 Content-Type: application/javascript | clean |
http://www.markado.com/js/scriptaculous/controls.js | 200 OK Content-Length: 34797 Content-Type: application/javascript | clean |
http://www.markado.com/js/scriptaculous/slider.js | 200 OK Content-Length: 10331 Content-Type: application/javascript | clean |
http://www.markado.com/js/varien/js.js | 200 OK Content-Length: 24738 Content-Type: application/javascript | clean |
http://www.markado.com/js/varien/form.js | 200 OK Content-Length: 14305 Content-Type: application/javascript | clean |
http://www.markado.com/js/varien/menu.js | 200 OK Content-Length: 4444 Content-Type: application/javascript | clean |
http://www.markado.com/js/mage/translate.js | 200 OK Content-Length: 1615 Content-Type: application/javascript | clean |
http://www.markado.com/js/mage/cookies.js | 200 OK Content-Length: 2633 Content-Type: application/javascript | clean |
http://www.markado.com/skin/frontend/rwd/enterprise/js/scripts.js | 200 OK Content-Length: 34511 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: markado.com
Result:
GET / HTTP/1.1
Host: markado.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: markado.com
Referer: http://www.google.com/search?q=markado.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: markado.com
Referer: http://www.google.com/search?q=markado.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=markado.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://markado.com/
Result: markado.com is not infected or malware details are not published yet.
Result: markado.com is not infected or malware details are not published yet.