Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=linkedin.rbarnes.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://linkedin.rbarnes.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 21 Apr 2014 02:44:08 GMT Location: http://www.linkedin.com/in/rbarnesdotcom Server: nginx/1.4.7 Vary: Accept-Encoding Content-Length: 318 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.linkedin.com/in/rbarnesdotcom | 200 OK Content-Length: 54388 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
    YEvent.on( window, 'load', function() {
      (function () {
        var protocol = 'http:';
        var d = new Image(1, 1);
        d.onerror = d.onload = function () {
          d.onerror = d.onload = null;
        };
        d.src = [
          protocol,
          "//secure-us.imrworldwide.com/cgi-bin/m?ci=us-603751h&cg=0&cc=1&si=",
          escape(window.location.href),
          "&ts=compact&rnd=",
          (new Date()).getTime()
        ].join('');
      })();
    });
Antivirus reports:
http://static.licdn.com:80/scds/common/u/lib/fizzy/fz-1.3.5-min.js | 200 OK Content-Length: 26523 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=3nuvxgwg15rbghxm1gpzfbya2-35e6ug1j754avohmn1bzmucat-mv3v66b8q0h1hvgvd3yfjv5f-14k913qahq3mh0ac0lh0twk9v&fc=2 | 200 OK Content-Length: 2744 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=dfoaudjrk6rbf82f45bz5crwi-62og8s54488owngg0s7escdit-c8ha6zrgpgcni7poa5ctye7il-djim7uyllidc9gta745y2wo5m-51dv6schthjydhvcv6rxvospp-d7z5zqt26qe7ht91f8494hqx5-e9rsfv7b5gx0bk0tln31dx3sq-2r5gveucqe4lsolc3n0oljsn1-8v2hz0euzy8m1tk5d6tfrn6j-b88qxy99s08xoes3weacd08uc-bymlr3eiytxzjg9or01ze5ia8-ac8pg92mfnb2j836ntpvg1fsi-20ku023x05hx6bidduddbyymn-lyi4ca0d33mbz [...172 symbols skipped] | 200 OK Content-Length: 266867 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=6b5tomv24hymqjdn9yh9vdxyg-95d8d303rtd0n9wj4dcjbnh2c&fc=2 | 200 OK Content-Length: 2255 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=d43qahhuvg0j5mlh4c2m9sipk-ew7wxbzv14lsc4vzkh2xrbzqn-dp1os5pzpoyifn8ljtjpfxrz-e17zy6z51dugr6fy4su92o7de-eq875keqggun9hoxzfhbanjes&fc=2 | 200 OK Content-Length: 17345 Content-Type: text/javascript | clean |
http://linkedin.rbarnes.com/home?trk=hb_logo | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://linkedin.rbarnes.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://linkedin.rbarnes.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://linkedin.rbarnes.com/pub/dir/?first=Randy&last=Barnes | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://linkedin.rbarnes.com/pub/dir/ | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://linkedin.rbarnes.com/static?key=country_listing | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://linkedin.rbarnes.com/directory/people-a | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://linkedin.rbarnes.com/directory/ | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: linkedin.rbarnes.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 21 Apr 2014 02:44:08 GMT
Location: http://www.linkedin.com/in/rbarnesdotcom
Server: nginx/1.4.7
Vary: Accept-Encoding
Content-Length: 318
Content-Type: text/html; charset=iso-8859-1
...318 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: linkedin.rbarnes.com
Referer: http://www.google.com/search?q=linkedin.rbarnes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.