Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=a2aces.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://a2aces.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.a2aces.com/ | 200 OK Content-Length: 5372 Content-Type: text/html | clean |
http://www.a2aces.com/js/AC_RunActiveContent.js | 200 OK Content-Length: 14394 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var e; try { axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"); version = axo.GetVariable("$version"); } catch (e) { } if (!version) Antivirus reports:
| ||
http://www.a2aces.com/email.htm | 200 OK Content-Length: 7953 Content-Type: text/html | clean |
http://webmail.doteasy.com/api/wrisibox.cfm?k=dQ2ovSP53v2o | 200 OK Content-Length: 7334 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: a2aces.com siBox: { currURL = window.location + ''; currDomain = currURL.replace(/https?:\/\/(www\.)?([a-zA-Z0-9-\.]{4,})\/.*/, '$2'); validDomain = 'a2aces.com'; validDomainEsc = 'a2aces.com'; re = new RegExp('\w*\.?' + validDomainEsc + '$', 'ig'); if (currDomain != validDomain && !currDomain.match(re)) { document.write('' + '<b>Webmaster:</b> this sign-in box location is invalid, please re-install it at http://a2aces.com,' + 'or edit the setting at <a href="https://member.doteasy.com/index.cfm?R=ESB">Doteasy Member Zone</a>' ...[8110 bytes skipped]... | ||
http://webmail.doteasy.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://www.a2aces.com/contact_us.htm | 200 OK Content-Length: 8440 Content-Type: text/html | clean |
http://www.a2aces.com/services.htm | 200 OK Content-Length: 9822 Content-Type: text/html | clean |
http://www.a2aces.com/contracts.htm | 200 OK Content-Length: 8380 Content-Type: text/html | clean |
http://www.a2aces.com/careers.htm | 200 OK Content-Length: 8607 Content-Type: text/html | clean |
http://www.a2aces.com/about.htm | 200 OK Content-Length: 8537 Content-Type: text/html | clean |
http://www.a2aces.com/leadership.htm | 200 OK Content-Length: 10030 Content-Type: text/html | clean |
http://www.a2aces.com/files/A2Aces_Capabilities.pdf | 200 OK Content-Length: 131314 Content-Type: application/pdf | clean |
http://www.a2aces.com/sitemap.htm | 200 OK Content-Length: 8619 Content-Type: text/html | clean |
http://www.a2aces.com/www.a2aces.com | HTTP/1.1 404 Not Found Connection: close Date: Mon, 16 Jun 2014 17:15:29 GMT Accept-Ranges: bytes Server: Apache Content-Length: 195 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: a2aces.com
Result:
GET / HTTP/1.1
Host: a2aces.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: a2aces.com
Referer: http://www.google.com/search?q=a2aces.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: a2aces.com
Referer: http://www.google.com/search?q=a2aces.com
Result:
The result is similar to the first query. There are no suspicious redirects found.