Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wmig.erpg.pl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://wmig.erpg.pl/ | 200 OK Content-Length: 20608 Content-Type: text/html | clean |
http://www.evry1-shop.de/cnt.php?id=5595805 | 404 Not Found Content-Length: 272 Content-Type: text/html | clean |
http://www.evry1-shop.de/test404page.js | 404 Not Found Content-Length: 279 Content-Type: text/html | clean |
http://app.sugester.pl/wmig/widget.js | 200 OK Content-Length: 22687 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (typeof uid == 'undefined'){uid='';};if (typeof uid_email == 'undefined'){uid_email='';};if (typeof sugester_tab == 'undefined'){sugester_tab=1;}; var sx_={};sx_.lib=function(){var F={};var C=/(-[a-z])/gi;var B=function(H,I){return I.charAt(1).toUpperCase()};var G=function(I){var H;if(!(H=F[I])){H=F[I]=I.replace(C,B)}return H};var A=document.defaultView;var E=/alpha\([^\)]*\)/gi;var D=function(J,H){var I=J.style;if(window.ActiveXObject){I.zoom=1;I.filter=(I.filter||"").replace(E,"")+(H==1 sx_.loadSkin('sugester','http://app.sugester.pl/stylesheets');f1=window.onload;window.onload=function(){sx_.init();if (sugester_tab==1) {document.getElementById('sugester_widget').style.display="block"};if(f1!=undefined)f1()}; Antivirus reports:
| ||
http://www.evry1-shop.de/cnt.php?id=5595794 | 404 Not Found Content-Length: 272 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wmig.erpg.pl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Fri, 03 Oct 2014 22:23:38 GMT
Pragma: no-cache
Server: IdeaWebServer/v0.80
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=7a47cff009be9c830322e915c3e623bf; path=/
GET / HTTP/1.1
Host: wmig.erpg.pl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Fri, 03 Oct 2014 22:23:38 GMT
Pragma: no-cache
Server: IdeaWebServer/v0.80
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=7a47cff009be9c830322e915c3e623bf; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: wmig.erpg.pl
Referer: http://www.google.com/search?q=wmig.erpg.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wmig.erpg.pl
Referer: http://www.google.com/search?q=wmig.erpg.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.