Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=snowcattraining.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://snowcattraining.com/ | 200 OK Content-Length: 28670 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: safetyoneinc.com ...[749 bytes skipped]... Corporations Worldwide.</title> <!-- mobile meta (hooray!) --> <meta name="HandheldFriendly" content="True"> <meta name="MobileOptimized" content="320"> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <!-- icons & favicons (for more: http://www.jonathantneal.com/blog/understand-the-favicon/) --> <link rel="apple-touch-icon" href="http://safetyoneinc.com/wp-content/themes/S1Theme/library/images/apple-icon-touch.png"> <link rel="icon" href="http://safetyoneinc.com/wp-content/themes/S1Theme/favicon.png"> <!--[if IE]> <link rel="shortcut icon" href="http://safetyoneinc.com/wp-content/themes/S1Theme/favicon.ico"> <![endif]--> <!-- or, set /favicon.ico for IE10 win --> <meta name="msapplication-TileColor" content="#f01d4f"> <meta name="msapplication-T ...[3052 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js | 200 OK Content-Length: 85925 Content-Type: text/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/payment_terminal_pro/resources/js/jquery.colorbox.js | 200 OK Content-Length: 36921 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function ($, document, window) { var defaults = { transition: "elastic", speed: 300, fadeOut: 300, width: false, initialWidth: "600", innerWidth: false, maxWidth: false, height: false, initialHeight: "450", innerHeight: false, maxHeight: false, scalePhotos: t .removeData(colorbox) .removeClass(boxElement); $(document).unbind('click.'+prefix); }; publicMethod.element = function () { return $(element); }; publicMethod.settings = defaults; }(jQuery, document, window)); function ccpt_resizeColorbox(width,height){ jQuery.colorbox.resize({width:width+'px',height:height+'px'}); } Antivirus reports:
| ||
http://safetyoneinc.com/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js | 200 OK Content-Length: 15667 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/intense/js/modernizr.js | 200 OK Content-Length: 9384 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/weptile-image-slider-widget/js/weptile-image-slider-widget.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/weptile-image-slider-widget/nivo-slider/jquery.nivo.slider.pack.js | 200 OK Content-Length: 12478 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/themes/S1Theme/library/js/libs/modernizr.custom.min.js | 200 OK Content-Length: 15126 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/google-analyticator/external-tracking.min.js | 200 OK Content-Length: 1190 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-includes/js/jquery/ui/core.min.js | 200 OK Content-Length: 3998 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/plugins/contact-form-7/includes/js/scripts.js | 200 OK Content-Length: 11145 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://safetyoneinc.com/wp-includes/js/comment-reply.min.js | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://safetyoneinc.com/wp-content/themes/S1Theme/library/js/scripts.js | 200 OK Content-Length: 3337 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: snowcattraining.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Feb 2015 05:03:20 GMT
Server: Apache/2.2.27 (FreeBSD) PHP/5.3.28 with Suhosin-Patch Phusion_Passenger/4.0.45 mod_ssl/2.2.27 OpenSSL/0.9.8y DAV/2
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/P3C3DN-2>; rel=shortlink
X-Pingback: http://safetyoneinc.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: snowcattraining.com
Referer: http://www.google.com/search?q=snowcattraining.com
Result:
The result is similar to the first query. There are no suspicious redirects found.