Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=searchforhalfpint.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://searchforhalfpint.com/ | 200 OK Content-Length: 2945 Content-Type: text/html | clean |
http://searchforhalfpint.com/index.htm | 200 OK Content-Length: 2945 Content-Type: text/html | clean |
http://searchforhalfpint.com/doc.htm | 200 OK Content-Length: 6036 Content-Type: text/html | clean |
http://searchforhalfpint.com/photo.htm | 200 OK Content-Length: 2700 Content-Type: text/html | clean |
http://searchforhalfpint.com/js/lightbox.js | 200 OK Content-Length: 16411 Content-Type: application/javascript | malicious |
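Malicious code - confirmed by antiviruses (see below).
Excerpt (start of file, truncated): var loadingImage = 'loading.gif'; var closeButton = 'close.gif'; function getPageScroll(){ var yScroll; if (self.pageYOffset) { yScroll = self.pageYOffset; } else if (document.documentElement && document.documentElement.scrollTop){ yScroll = document.documentElement.scrollTop; } else if (document.body) { yScroll = document.body.scrollTop; } arrayPageScroll = new Array('',yScroll) return arrayPageScroll; } function getPageS
Note: the lines shown are ordinary lightbox helper code (image paths and a page-scroll helper), so the excerpt does not itself show what was flagged; the detected content is presumably further into the 16411-byte file. The antivirus report rows are empty in this capture, so the detection names are not available here. To locate the injected portion, diff the served file against a known-good copy of the library.
Antivirus reports: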
| ||
http://searchforhalfpint.com/images/photos/immature001.jpg | 200 OK Content-Length: 300975 Content-Type: image/jpeg | clean |
http://searchforhalfpint.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 11 Jan 2015 14:55:52 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/ | 200 OK Content-Length: 10599 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://searchforhalfpint.com/js/selectBox/jquery.selectBox.min.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 11 Jan 2015 14:55:54 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://searchforhalfpint.com/js/jquery.watermark.min.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 11 Jan 2015 14:55:55 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://searchforhalfpint.com/js/fancybox/jquery.fancybox.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 11 Jan 2015 14:55:56 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://searchforhalfpint.com/js/fancybox/helpers/jquery.fancybox-media.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 11 Jan 2015 14:55:56 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://searchforhalfpint.com/images/photos/immature002.jpg | 200 OK Content-Length: 302423 Content-Type: image/jpeg | clean |
http://searchforhalfpint.com/video.htm | 200 OK Content-Length: 3790 Content-Type: text/html | clean |
http://searchforhalfpint.com/js/video/js/swfobject.js | 200 OK Content-Length: 9185 Content-Type: application/javascript | malicious |
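Malicious code - confirmed by antiviruses (see below).
Excerpt (start of file, truncated): eval(function(p,a,c,k,e,d){e=function(c){return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[(function(e){return d[e]})];e=(function(){return'\\w+'});c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5(T 8=="1B"){d 8=k Q()}5(T 8.X=="1B"){8.X=k Q()}5(T 8.y=="1B"){8.y=k Q()}8.D=f(1y,p,w,h,1o,c,1p,1K,1h,1x){5(!m.13){g}4.1V=1x?1x:"2w";4.1R=8.X.1n(4.1V);4.1w=k Q(
Note: the eval(function(p,a,c,k,e,d){...}) wrapper is the common "packer" minification format, which legitimate libraries also use, so the wrapper alone is not an indicator of compromise. The packed payload is cut off here and does not show what was flagged, and the antivirus report rows are empty in this capture. To confirm the finding, unpack the file statically (without executing it in a browser) and diff the result against a known-good copy of the library.
Antivirus reports: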
| ||
http://searchforhalfpint.com/js/video/js/videobox.js | 200 OK Content-Length: 12505 Content-Type: application/javascript | malicious |
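Malicious code - confirmed by antiviruses (see below).
Excerpt (start of file, truncated): var Videobox = { init: function (options) { this.options = Object.extend({ resizeDuration: 400, initialWidth: 250, initialHeight: 250, defaultWidth: 425, defaultHeight: 350, animateCaption: true, flvplayer: 'swf/flvplayer.swf' }, options || {}); this.anchors = []; $A($$('a')).each(function(el){ if(el.rel && el.href && el.rel.test('^vidbox', 'i')) { el.addEvent('click', function (e) { e = new E
Note: the lines shown are the widget's normal initialisation code (option defaults and click handlers for links whose rel matches 'vidbox'), so the excerpt does not itself show what was flagged; the detected content is presumably further into the 12505-byte file. The antivirus report rows are empty in this capture. To locate the injected portion, diff the served file against a known-good copy of the library.
Antivirus reports: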
| ||
http://searchforhalfpint.com/guestbook.htm | 200 OK Content-Length: 3200 Content-Type: text/html | clean |
http://searchforhalfpint.com/contact.htm | 200 OK Content-Length: 2745 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: searchforhalfpint.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Jan 2015 14:55:47 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 2945
Content-Type: text/html
Last-Modified: Fri, 07 Nov 2014 06:15:02 GMT
...2945 bytes of data.
GET / HTTP/1.1
Host: searchforhalfpint.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Jan 2015 14:55:47 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 2945
Content-Type: text/html
Last-Modified: Fri, 07 Nov 2014 06:15:02 GMT
...2945 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: searchforhalfpint.com
Referer: http://www.google.com/search?q=searchforhalfpint.com
Result:
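The result is similar to the first query. No suspicious redirects were found.
Note: this check varies only the Referer header, so a redirect conditioned on other request attributes (for example User-Agent, client IP or cookies) would not be detected by it.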
GET / HTTP/1.1
Host: searchforhalfpint.com
Referer: http://www.google.com/search?q=searchforhalfpint.com
Result:
The result is similar to the first query. There are no suspicious redirects found.