Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=silver-seek.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mercurania.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 27 Sep 2015 05:07:47 GMT
Accept-Ranges: bytes
ETag: "70-510e543dadde2"
Server: Apache
Content-Length: 112
Content-Type: text/html
Last-Modified: Tue, 10 Mar 2015 01:42:35 GMT
X-Powered-By: PleskLin
...112 bytes of data.
GET / HTTP/1.1
Host: mercurania.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 27 Sep 2015 05:07:47 GMT
Accept-Ranges: bytes
ETag: "70-510e543dadde2"
Server: Apache
Content-Length: 112
Content-Type: text/html
Last-Modified: Tue, 10 Mar 2015 01:42:35 GMT
X-Powered-By: PleskLin
...112 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mercurania.com
Referer: http://www.google.com/search?q=mercurania.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mercurania.com
Referer: http://www.google.com/search?q=mercurania.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://silver-seek.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 23 Jun 2014 12:13:04 GMT Location: http://www.silverseek.com Server: Apache/1.3.42 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 PHP/4.4.9 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://www.silverseek.com/ | 200 OK Content-Length: 123797 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.goldseek.com ...[6783 bytes skipped]... ">0.00</span> </li> <li> <span class="com">Euro:</span> <span class="num">1.360</span> <span class="img"></span> <span class="perc">0.000</span> </li> </ul> <ul> <li> <span class="com">USDX:</span> <span class="num">80.331</span> <span class="img"><img src=http://www.goldseek.com/images/up.gif></span> <span class="perc"><font>0.028</font></span> </li> <li> <span class="com">Oil:</span> <span class="num">106.70</span> <span class="img"><img src=http://www.goldseek.com/images/up.gif></span> <span class="perc"><font>0.66</font></span> </li> </ul> </div> <script type="text/javascript"&g ...[143689 bytes skipped]... | ||
http://www.silverseek.com/sites/silverseek.com/files/js/js_7ed247195a36aedbc5a3f0a2a54fdf2b.js | 200 OK Content-Length: 256772 Content-Type: text/javascript | clean |
http://output75.rssinclude.com/output?type=js&id=581019&hash=732edb7a8589e7bdddac0502782784e3 | 200 OK Content-Length: 4643 Content-Type: text/javascript | malicious |
Malicious code found. Script contains blacklisted domain: silverseek.com ...[1763 bytes skipped]... xt-decoration: none;\n}\n\ndiv#rssincl-box-581019 div.rssincl-content div.rssincl-entry div.rssincl-itemdesc img {\n margin: 5px;\n}\n\ndiv#rssincl-box-581019 div.rssincl-content div.rssincl-entry div.rssincl-clear {\n clear:both;\n}\n\n</style>\n\n<div id=\"rssincl-box-581019\">\n <div class=\"rssincl-head\">\n <p class=\"rssincl-title\">\n Silver Investor Community Discussion Forums - silverseek.com </p>\n </div>\n <div class=\"rssincl-content\">\n <div class=\"rssincl-entry\">\n <p class=\"rssincl-itemtitle\"><a href=\"http://forums.silverseek.com/showthread.php?64984-2015-Eagle-Design-Change-Recommendation&goto=newpost\" target=\"_self\">2015 Eagle Design Change Recommendation</a></p>\n <div class=\"rssincl-itemdesc\">* ---Quote (Originally by jimi)--- Now that ...[2326 bytes skipped]... Decoded script: ...[1923 bytes skipped]... r/>} div#rssincl-box-581019 div.rssincl-content div.rssincl-entry div.rssincl-itemdesc img { margin: 5px; } div#rssincl-box-581019 div.rssincl-content div.rssincl-entry div.rssincl-clear { clear:both; } </style> <div id="rssincl-box-581019"> <div class="rssincl-head"> <p class="rssincl-title"> Silver Investor Community Discussion Forums - silverseek.com </p> </div> <div class="rssincl-content"> <div class="rssincl-entry"> <p class="rssincl-itemtitle"><a href="http://forums.silverseek.com/showthread.php?64984-2015-Eagle-Design-Change-Recommendation&goto=newpost" target="_self">2015 Eagle Design Change Recommendation</a></p> <div class="rssincl-itemdesc">* ---Quote (Originally by jimi)--- Now t ...[2370 bytes skipped]... | ||
http://silver-seek.com//pagead2.googlesyndication.com/pagead/show_ads.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 23 Jun 2014 12:13:09 GMT Location: http://www.silverseek.compagead2.googlesyndication.com/pagead/show_ads.js/ Server: Apache/1.3.42 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 PHP/4.4.9 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.silverseek.compagead2.googlesyndication.com/pagead/show_ads.js/ | 500 Can't connect to www.silverseek.compagead2.googlesyndication.com:80 (Bad hostname) Content-Length: 226 Content-Type: text/plain | clean |
http://www.silverseek.compagead2.googlesyndication.com/test404page.js | 500 Can't connect to www.silverseek.compagead2.googlesyndication.com:80 (Bad hostname) Content-Length: 226 Content-Type: text/plain | clean |
http://output46.rssinclude.com/output?type=js&id=464842&hash=f77d0b6fbf60d57a41f6c04ce51580ba | 200 OK Content-Length: 5252 Content-Type: text/javascript | malicious |
Malicious code found. Script contains blacklisted domain: news.goldseek.com ...[1953 bytes skipped]... ontent div.rssincl-entry div.rssincl-clear {\n clear:both;\n}\n\n</style>\n\n<div id=\"rssincl-box-464842\">\n <div class=\"rssincl-head\">\n <p class=\"rssincl-title\">\n Gold News </p>\n </div>\n <div class=\"rssincl-content\">\n <div class=\"rssincl-entry\">\n <p class=\"rssincl-itemtitle\"><a href=\"http://news.goldseek.com/InsigniaConsultants/1403503320.php\" target=\"_self\">Asian Metals Market Update</a></p>\n <div class=\"rssincl-itemdesc\">Iraq violence can result in gold and silver rising to $1400\nand $25.00. US ...</div>\n <div class=\"rssincl-clear\"></div>\n </div>\n <div class=\"rssincl-entry\">\n <p class=\"rssincl-itemtitle\"><a href=\"http://news.goldseek.com/radio/1403496000. ...[2854 bytes skipped]... Decoded script: ...[2124 bytes skipped]... cl-entry div.rssincl-clear { clear:both; } </style> <div id="rssincl-box-464842"> <div class="rssincl-head"> <p class="rssincl-title"> Gold News </p> </div> <div class="rssincl-content"> <div class="rssincl-entry"> <p class="rssincl-itemtitle"><a href="http://news.goldseek.com/InsigniaConsultants/1403503320.php" target="_self">Asian Metals Market Update</a></p> <div class="rssincl-itemdesc">Iraq violence can result in gold and silver rising to $1400 and $25.00. US ...</div> <div class="rssincl-clear"></div> </div> <div class="rssincl-entry"> <p class="rssincl-itemtitle"><a href="http://news.goldseek.com/radio/14034 ...[2910 bytes skipped]... | ||
http://www.silverseek.com/sites/silverseek.com/files/js/js_dd6551617abb67e398b12127d0f730ef.js | 200 OK Content-Length: 1226 Content-Type: text/javascript | clean |