Malicious/Suspicious Redirects
Request | Server response | Status |
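URL: http://marmagoasteel.com/ (request imitating a visitor arriving from a search engine)
GET / HTTP/1.1
Host: marmagoasteel.com
Referer: http://www.google.com/search?q=redirect+check1
| HTTP/1.1 302 Found
Connection: close
Date: Sun, 14 Sep 2014 14:09:48 GMT
Location: http://infolator.info/0/go.php?sid=2
Server: Apache/2.2.3 (CentOS)
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1
| malicious |
Note: the same URL is listed under "Scanned pages/files" with a 200 OK response, which suggests the redirect is served only when the Referer looks like a search engine, so opening the site directly would likely not reproduce it. When cleaning up, review server-side rewrite rules (for example .htaccess on this Apache host) and server-side scripts for Referer-based conditions.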
Scanned pages/files
Request | Server response | Status |
http://marmagoasteel.com/ | 200 OK Content-Length: 2609 Content-Type: text/html | clean |
http://marmagoasteel.com/stm31.js | 200 OK Content-Length: 34600 Content-Type: application/x-javascript | malicious |
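Malicious code - confirmed by antiviruses (see below)
Note: the excerpt below is truncated (the file is 34600 bytes). The visible lines appear to be ordinary variable declarations from a menu script, so the content that triggered the detection may lie outside the excerpt; comparing the file against a known-good copy is the reliable way to locate it.
var nOP=0,nOP5=0,nIE=0,nIE4=0,nIE5=0,nNN=0,nNN4=0,nNN6=0,nMAC=0,nIEM=0,nIEW=0,nDM=0,nVER=0.0,st_delb=0,st_addb=0,st_reg=1;stnav();var st_ttb=nIE||nOP&&(nVER>=6&&nVER<7);
var stT2P=["static","absolute","absolute"],stHAL=["left","center","right"],stVAL=["top","middle","bottom"],stREP=["no-repeat","repeat-x","repeat-y","repeat"],stBDS=["none"]; var st_max=10,st_ht="",st_gc=0,st_rl=null,st_cl,st_ct,st_cw,st_ch,st_cm=0,st_cp,st_ci,st_ri=/Stm([0-9]*)p([0-9]*)i([0-9]*)e/
Antivirus reports: (no antivirus results appear in this copy of the report)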
| ||
http://marmagoasteel.com/abtusmenu.js | 200 OK Content-Length: 3121 Content-Type: application/x-javascript | malicious |
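Malicious code - confirmed by antiviruses (see below)
Note: the excerpt below is cut off mid-string (the file is 3121 bytes). The visible calls appear to be menu layout configuration, so the flagged content may lie outside the excerpt; compare the file against a known-good copy or backup.
stm_bm(["menu6960",400,"","blank.gif",0,"","",0,0,162,0,333,1,0,0]);
stm_bp("p0",[0,4,0,0,0,0,0,0,100,"",-2,"",-2,90,0,0,"","","",3,0,0,""]); stm_ai("p0i0",[2,"","img/aboutuslink2.jpg","img/aboutuslink2.jpg",70,34,0,"company.html","_self","","","","",0,0,0,"","",0,0,0,2,1,"#ff0873",1,"#ffffff",0,"","",3,3,0,0,"#ff0873","#ff0873 #ff0873 #ffffff #ffffff","#ffffff","#333333","bold 8pt Arial","bold 8pt Arial",0,0]); stm_bpx("p1","p0",[1]); stm_aix("p1i0","p0i0",[0,"Manufacturing
Antivirus reports: (no antivirus results appear in this copy of the report)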
| ||
http://marmagoasteel.com/test404page.js | 404 Not Found Content-Length: 294 Content-Type: text/html | clean |
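Safe Browsing / Blacklists
Note: a "not listed" result reflects only the blacklist's state at query time; it does not override the malicious findings reported in the sections above.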
Query: http://www.google.com/safebrowsing/diagnostic?site=marmagoasteel.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://marmagoasteel.com/
Result: marmagoasteel.com is not infected or malware details are not published yet.
Result: marmagoasteel.com is not infected or malware details are not published yet.