Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=raaser.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://raaser.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 06:28:29 GMT Location: http://thirdeyeclasses.com Server: Apache Content-Length: 294 Content-Type: text/html; charset=iso-8859-1 | clean |
http://thirdeyeclasses.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 06:28:29 GMT Location: http://www.thirdeyeclasses.com/ Server: nginx/1.2.9 WPEngine/6.0.7 Content-Length: 199 Content-Type: text/html | clean |
http://www.thirdeyeclasses.com/ | 200 OK Content-Length: 41990 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. ...[457 bytes skipped]... tener?f.addEventListener(r,s,false):f.attachEvent("on"+r,s);var ld=function(){function p(hd){ hd="head";return["<",hd,"></",hd,"><",i,' onl' + 'oad="var d=',g,";d.getElementsByTagName('head')[0].",j,"(d.",h,"('script')).",k,"='",l,"//",a.l,"'",'"',"></",i,">"].join("")}var i="body",m=d[i];if(!m){ return setTimeout(ld,100)}a.P(1);var j="appendChild",h="createElement",k="src",n=d[h]("div"),v=n[j](d[h](z)),b=d[h]("iframe"),g="document",e="domain",o;n.style.display="none";m.insertBefore(n,m.firstChild).id=z;b.frameBorder="0";b.id=z+"-loader";if(/MSIE[ ]+6/.test(navigator.userAgent)){ b.src="javascript:false"}b.allowTransparency="true";v[j](b);try{ b.contentWindow[g].open()}catch(w){ c[e]=d[e];o="javascript:var d="+g+".open();d.domain='"+d.domain+"';";b[k]=o+"void(0);"}try{ var t=b.contentWindow[g];t.write(p());t.close()}catch(x){ b[k]=o+'d.write("'+p().replace(/"/g,String.fromCharCo ...[295 bytes skipped]... Decoded script: function s() { a.P(r); f[z](r); } | ||
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/plugins/responsive-news-announcements/js/announcements.js?ver=3.9.2 | 200 OK Content-Length: 860 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/plugins/responsive-news-announcements/js/jquery.cookie.js?ver=3.9.2 | 200 OK Content-Length: 1852 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/plugins/responsive-news-announcements/js/jquery.cycle.lite.js?ver=3.9.2 | 200 OK Content-Length: 8106 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/plugins/wp-charts/js/Chart.min.js?ver=3.9.2 | 200 OK Content-Length: 19932 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 6521 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-includes/js/jquery/ui/jquery.ui.progressbar.min.js?ver=1.10.4 | 200 OK Content-Length: 2178 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/plugins/wordpress-simple-survey/js/custom.js?ver=2.1.2 | 200 OK Content-Length: 2379 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/plugins/editionguard-ebook-sales-with-drm/js/editionguard-scripts.js?ver=3.9.2 | 200 OK Content-Length: 45 Content-Type: application/x-javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 144141 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/themes/the_cotton_v1.1.2/script/script.js | 200 OK Content-Length: 56109 Content-Type: application/x-javascript | clean |
http://38a5w23zueh82a1cp02iungy135h.wpengine.netdna-cdn.com/wp-content/themes/the_cotton_v1.1.2/js/slider/contentslider.js | 200 OK Content-Length: 10979 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: raaser.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 28 Aug 2014 06:28:29 GMT
Location: http://thirdeyeclasses.com
Server: Apache
Content-Length: 294
Content-Type: text/html; charset=iso-8859-1
...294 bytes of data.
GET / HTTP/1.1
Host: raaser.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 28 Aug 2014 06:28:29 GMT
Location: http://thirdeyeclasses.com
Server: Apache
Content-Length: 294
Content-Type: text/html; charset=iso-8859-1
...294 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: raaser.com
Referer: http://www.google.com/search?q=raaser.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: raaser.com
Referer: http://www.google.com/search?q=raaser.com
Result:
The result is similar to the first query. There are no suspicious redirects found.