Scanned pages/files
Request | Server response | Status |
http://www.healthwiseassociate.com/ | 200 OK Content-Length: 14441 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-Hacked by MrTieDie +AH4 We Are Cop1r3 - Jje Incovers - Joe - ReC0ded - De4dly Poison <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en-US"> <head profile="http://gmpg.org/xfn/11"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-7" /> <title>+ADw-/title+AD4-Hacked by MrTieDie +AH4 We Are Cop1r3 - Jje Incovers - Joe - ReC0ded - De4dly Poison - Ice- cream - Pain R - ViruzTomcat - MrTieDie - Codex+AF8-H4xor - eX-Sh1Ne - Sh0uT0u7 - Mare +AHw Happy Birthday My Mother+ACE I Love U My Mother+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4-</title> <meta name="description" content="Healthy, Wealthy and Wise" /> <meta name="robots" content="noodp,noydir" /> <link rel="stylesheet" href="http://www.h ...[15811 bytes skipped]... | ||
http://www.healthwiseassociate.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-includes/js/jquery/jquery.js?ver=1.6.1 | 200 OK Content-Length: 91363 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-content/plugins/brainhost-plugin/script.js?ver=1.0 | 200 OK Content-Length: 821 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-content/plugins/dynamic-content-gallery-plugin/js-mootools/scripts/mootools-1.2.4-core-jm.js | 200 OK Content-Length: 79833 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-content/plugins/dynamic-content-gallery-plugin/js-mootools/scripts/mootools-1.2.4.4-more.js | 200 OK Content-Length: 6901 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-content/plugins/dynamic-content-gallery-plugin/js-mootools/scripts/jd.gallery_1_2_4_4.js | 200 OK Content-Length: 28094 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-content/plugins/dynamic-content-gallery-plugin/js-mootools/scripts/jd.gallery.transitions_1_2_4_4.js | 200 OK Content-Length: 3232 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20110528 | 200 OK Content-Length: 12447 Content-Type: application/javascript | clean |
http://www.healthwiseassociate.com/blog/ | 200 OK Content-Length: 21769 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){while(c--)if(k[c])p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c]);return p}('w u(t){0=s.r("6");0.q();0.p();0.o(n)}7 4={m:"l"};7 2={k:"6"};j.i("h://g.f.e/v/d?c=1&b=0&a=3","9","1","1","8",5,5,4,2);',33,33,'ytplayer||atts||params|null|myytplayer|var||ytapiplayer|version|playerapiid|enablejsapi|1mlbypRQ878|com|youtube|www|http|embedSWF|swfobject|id|always|allowScriptAccess|true|setLoop|playVideo|mute|getElementById|document|playerId|onYouTubePlayerReady||function'.split('|'))) Antivirus reports:
| ||
http://code.jquery.com/jquery-latest.min.js | 200 OK Content-Length: 95786 Content-Type: application/x-javascript | clean |
http://www.healthwiseassociate.com/test404page.js | 200 OK Content-Length: 21769 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){while(c--)if(k[c])p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c]);return p}('w u(t){0=s.r("6");0.q();0.p();0.o(n)}7 4={m:"l"};7 2={k:"6"};j.i("h://g.f.e/v/d?c=1&b=0&a=3","9","1","1","8",5,5,4,2);',33,33,'ytplayer||atts||params|null|myytplayer|var||ytapiplayer|version|playerapiid|enablejsapi|1mlbypRQ878|com|youtube|www|http|embedSWF|swfobject|id|always|allowScriptAccess|true|setLoop|playVideo|mute|getElementById|document|playerId|onYouTubePlayerReady||function'.split('|'))) Antivirus reports:
| ||
http://www.healthwiseassociate.com/category/exercise-2/ | 200 OK Content-Length: 21769 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){while(c--)if(k[c])p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c]);return p}('w u(t){0=s.r("6");0.q();0.p();0.o(n)}7 4={m:"l"};7 2={k:"6"};j.i("h://g.f.e/v/d?c=1&b=0&a=3","9","1","1","8",5,5,4,2);',33,33,'ytplayer||atts||params|null|myytplayer|var||ytapiplayer|version|playerapiid|enablejsapi|1mlbypRQ878|com|youtube|www|http|embedSWF|swfobject|id|always|allowScriptAccess|true|setLoop|playVideo|mute|getElementById|document|playerId|onYouTubePlayerReady||function'.split('|'))) Antivirus reports:
| ||
http://www.healthwiseassociate.com/category/health/ | 200 OK Content-Length: 21769 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){while(c--)if(k[c])p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c]);return p}('w u(t){0=s.r("6");0.q();0.p();0.o(n)}7 4={m:"l"};7 2={k:"6"};j.i("h://g.f.e/v/d?c=1&b=0&a=3","9","1","1","8",5,5,4,2);',33,33,'ytplayer||atts||params|null|myytplayer|var||ytapiplayer|version|playerapiid|enablejsapi|1mlbypRQ878|com|youtube|www|http|embedSWF|swfobject|id|always|allowScriptAccess|true|setLoop|playVideo|mute|getElementById|document|playerId|onYouTubePlayerReady||function'.split('|'))) Antivirus reports:
| ||
http://www.healthwiseassociate.com/category/healthy-food/ | 200 OK Content-Length: 21769 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){while(c--)if(k[c])p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c]);return p}('w u(t){0=s.r("6");0.q();0.p();0.o(n)}7 4={m:"l"};7 2={k:"6"};j.i("h://g.f.e/v/d?c=1&b=0&a=3","9","1","1","8",5,5,4,2);',33,33,'ytplayer||atts||params|null|myytplayer|var||ytapiplayer|version|playerapiid|enablejsapi|1mlbypRQ878|com|youtube|www|http|embedSWF|swfobject|id|always|allowScriptAccess|true|setLoop|playVideo|mute|getElementById|document|playerId|onYouTubePlayerReady||function'.split('|'))) Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: healthwiseassociate.com
Result:
GET / HTTP/1.1
Host: healthwiseassociate.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: healthwiseassociate.com
Referer: http://www.google.com/search?q=healthwiseassociate.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: healthwiseassociate.com
Referer: http://www.google.com/search?q=healthwiseassociate.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=healthwiseassociate.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://healthwiseassociate.com/
Result: healthwiseassociate.com is not infected or malware details are not published yet.
Result: healthwiseassociate.com is not infected or malware details are not published yet.