Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=prabhutibuildcone.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://prabhutibuildcone.com/ | 200 OK Content-Length: 6820 Content-Type: text/html | clean |
http://prabhutibuildcone.com/js/AC_RunActiveContent.js | 404 Not Found Content-Length: 4909 Content-Type: text/html | clean |
http://prabhutibuildcone.com/test404page.js | 404 Not Found Content-Length: 4887 Content-Type: text/html | clean |
http://prabhutibuildcone.com/js/jquery121.js | 200 OK Content-Length: 34614 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(G(){9(1m E!="W")H w=E;H E=18.15=G(a,b){I 6 7u E?6.5N(a,b):1u E(a,b)};9(1m $!="W")H D=$;18.$=E;H u=/^[^<]*(<(.|\\s)+>)[^>]*$|^#(\\w+)$/;E.1b=E.3A={5N:G(c,a) if(f)e(s);} Antivirus reports:
| ||
http://prabhutibuildcone.com/js/sound.js | 404 Not Found Content-Length: 4881 Content-Type: text/html | clean |
http://prabhutibuildcone.com/js/main.js | 404 Not Found Content-Length: 4879 Content-Type: text/html | clean |
http://prabhutibuildcone.com/js/lightbox/prototype.js | 200 OK Content-Length: 133593 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Prototype = { Version: '1.6.0.2', Browser: { IE: !!(window.attachEvent && !window.opera), Opera: !!window.opera, WebKit: navigator.userAgent.indexOf('AppleWebKit/') > -1, Gecko: navigator.userAgent.indexOf('Gecko') > -1 && navigator.userAgent.indexOf('KHTML') == -1, MobileSafari: !!navigator.userAgent.match(/Apple.*Mobile.*Safari/) }, BrowserFeatures: { XPath: !!document.evaluate, Elem if(f)e(s);} Antivirus reports:
| ||
http://prabhutibuildcone.com/js/lightbox/scriptaculous.js?load=effects,builder | 404 Not Found Content-Length: 4936 Content-Type: text/html | clean |
http://prabhutibuildcone.com/js/lightbox/lightbox.js | 200 OK Content-Length: 25873 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) LightboxOptions = Object.extend({ fileLoadingImage: 'js/lightbox/images/loading.gif', fileBottomNavCloseImage: 'js/lightbox/images/closelabel.gif', overlayOpacity: 0.8, animate: true, resizeSpeed: 7, borderSize: 10, labelImage: "Image", labelOf: "of" }, window.LightboxOptions || {}); var Lightbox = Class.create(); Lightbox.prototype = { imageArray: [], activeImage: undefine if(f)e(s);} Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: prabhutibuildcone.com
Result:
HTTP/1.1 200 OK
Date: Mon, 12 Jan 2015 11:01:39 GMT
Accept-Ranges: bytes
ETag: "61ca7af379fcf1:0"
Server: Microsoft-IIS/8.5
Content-Length: 6820
Content-Type: text/html
Last-Modified: Mon, 14 Jul 2014 07:41:44 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...6820 bytes of data.
GET / HTTP/1.1
Host: prabhutibuildcone.com
Result:
HTTP/1.1 200 OK
Date: Mon, 12 Jan 2015 11:01:39 GMT
Accept-Ranges: bytes
ETag: "61ca7af379fcf1:0"
Server: Microsoft-IIS/8.5
Content-Length: 6820
Content-Type: text/html
Last-Modified: Mon, 14 Jul 2014 07:41:44 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...6820 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: prabhutibuildcone.com
Referer: http://www.google.com/search?q=prabhutibuildcone.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: prabhutibuildcone.com
Referer: http://www.google.com/search?q=prabhutibuildcone.com
Result:
The result is similar to the first query. There are no suspicious redirects found.