Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=birth-defect-drug-lawyers.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://birth-defect-drug-lawyers.com/ | 200 OK Content-Length: 26642 Content-Type: text/html | clean |
http://birth-defect-drug-lawyers.com/misc/jquery.js?v=1.4.4 | 200 OK Content-Length: 78602 Content-Type: application/javascript | clean |
http://birth-defect-drug-lawyers.com/misc/jquery.once.js?v=1.2 | 200 OK Content-Length: 2974 Content-Type: application/javascript | clean |
http://birth-defect-drug-lawyers.com/misc/drupal.js?llruug | 200 OK Content-Length: 14544 Content-Type: application/javascript | clean |
http://birth-defect-drug-lawyers.com/misc/jquery.cookie.js?v=1.0 | 200 OK Content-Length: 961 Content-Type: application/javascript | clean |
http://birth-defect-drug-lawyers.com/sites/all/modules/superfish/js/jquery.hoverIntent.minified.js?llruug | 200 OK Content-Length: 4897 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){$.fn.hoverIntent=function(f,g){var cfg={sensitivity:7,interval:100,timeout:0};cfg=$.extend(cfg,g?{over:f,out:g}:f);var cX,cY,pX,pY;var track=function(ev){cX=ev.pageX;cY=ev.pageY;};var compare=function(ev,ob){ob.hoverIntent_t=clearTimeout(ob.hoverIntent_t);if((Math.abs(pX-cX)+Math.abs(pY-cY))<cfg.sensitivity){$(ob).unbind("mousemove",track);ob.hoverIntent_s=1;return cfg.over.apply(ob,[ev]);}else{pX=cX;pY=cY;ob.hoverIntent_t=setTimeout(function(){compare(ev,ob);},cfg.interval);}};v Antivirus reports:
| ||
http://birth-defect-drug-lawyers.com/sites/all/modules/superfish/js/jquery.bgiframe.min.js?llruug | 200 OK Content-Length: 4801 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){$.fn.bgIframe=$.fn.bgiframe=function(s){if($.browser.msie&&parseInt($.browser.version)<=6){s=$.extend({top:'auto',left:'auto',width:'auto',height:'auto',opacity:true,src:'javascript:false;'},s||{});var prop=function(n){return n&&n.constructor==Number?n+'px':n;},html='<iframe class="bgiframe"frameborder="0"tabindex="-1"src="'+s.src+'"'+'style="display:block;position:absolute;z-index:-1;'+(s.opacity!==false?'filter:Alpha(Opacity=\'0\');':'')+'top:'+(s.top=='auto' Antivirus reports:
| ||
http://birth-defect-drug-lawyers.com/sites/all/modules/superfish/js/superfish.js?llruug | 200 OK Content-Length: 7246 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($){ $.fn.superfish = function(op){ var sf = $.fn.superfish, c = sf.c, $arrow = $(['<span class="',c.arrowClass,'"> »</span>'].join('')), over = function(){ var $$ = $(this), menu = getMenu($$); clearTimeout(menu.sfTimer); $$.showSuperfishUl().siblings().hideSuperfishUl(); }, out = function(){ var $$ = $(this), menu = getMenu($$), o = sf.op; c Antivirus reports:
| ||
http://birth-defect-drug-lawyers.com/sites/all/modules/superfish/js/supersubs.js?llruug | 200 OK Content-Length: 6801 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($){ $.fn.supersubs = function(options){ var opts = $.extend({}, $.fn.supersubs.defaults, options); return this.each(function() { var $$ = $(this); var o = $.meta ? $.extend({}, opts, $$.data()) : opts; var fontsize = $('<li id="menu-fontsize">—</li>').css({ 'padding' : 0, 'position' : 'absolute', 'top' : '-999em', 'width' : 'auto' Antivirus reports:
| ||
http://birth-defect-drug-lawyers.com/modules/openid/openid.js?llruug | 200 OK Content-Length: 1829 Content-Type: application/javascript | clean |
http://birth-defect-drug-lawyers.com/sites/all/themes/theme539/js/theme539.core.js?llruug | 200 OK Content-Length: 4494 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) String.prototype.trim = function(){ return this.replace(/\s+$/, '').replace(/^\s+/, ''); } jQuery.browser.version = jQuery.browser.msie && parseInt(jQuery.browser.version) == 6 && window["XMLHttpRequest"] ? "7.0" : jQuery.browser.version; window.log = function() { log.history = log.history || []; log.history.push(arguments); if (this.console) { console.log(Array.prototype.slice.call(arguments)); } }; var theme539 = theme539 | Antivirus reports:
| ||
http://birth-defect-drug-lawyers.com/node/1 | 200 OK Content-Length: 14239 Content-Type: text/html | clean |
http://birth-defect-drug-lawyers.com/node/2 | 200 OK Content-Length: 12859 Content-Type: text/html | clean |
http://birth-defect-drug-lawyers.com/node/13 | 200 OK Content-Length: 14252 Content-Type: text/html | clean |
http://birth-defect-drug-lawyers.com/node/3 | 200 OK Content-Length: 12886 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: birth-defect-drug-lawyers.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 16 Jan 2015 14:56:30 GMT
ETag: "1421420190"
Server: Apache
Vary: Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Fri, 16 Jan 2015 14:56:30 GMT
X-Generator: Drupal 7 (http://drupal.org)
GET / HTTP/1.1
Host: birth-defect-drug-lawyers.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 16 Jan 2015 14:56:30 GMT
ETag: "1421420190"
Server: Apache
Vary: Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Fri, 16 Jan 2015 14:56:30 GMT
X-Generator: Drupal 7 (http://drupal.org)
Second query (visit from search engine):
GET / HTTP/1.1
Host: birth-defect-drug-lawyers.com
Referer: http://www.google.com/search?q=birth-defect-drug-lawyers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: birth-defect-drug-lawyers.com
Referer: http://www.google.com/search?q=birth-defect-drug-lawyers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.