Scanned pages/files
Request | Server response | Status |
http://herbalskincare.org/ | 200 OK Content-Length: 32240 Content-Type: text/html | clean |
http://herbalskincare.org/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://herbalskincare.org/wp-content/plugins/featured-posts-grid/js/fpg.js.php?ver=3.5 | 200 OK Content-Length: 8079 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var FeaturedPostsLib = this.FeaturedPostsLib || {}; FeaturedPostsLib.fpg = FeaturedPostsLib.fpg || {}; (function($j) { var animationLocked = new Array(); var autoscrollInterval = new Array(); FeaturedPostsLib.fpg.init = function() { $j('.fpg-wrapper').each(function() { $j(this).children('.fpg-page').slice(1).find('.fpg-item').css( {'margin-top':'3px','opacity':0.0}) { nextItem = $j(itemToShow).prev('.fpg-item'); } if (nextItem.length >0 ) fpgFadeInItems(nextItem, dir, callback); else callback(); } } ); } }(jQuery)) jQuery(document).ready(FeaturedPostsLib.fpg.init);
Antivirus reports:
http://herbalskincare.org/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 | 200 OK Content-Length: 4693 Content-Type: application/javascript | clean |
http://herbalskincare.org/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 | 200 OK Content-Length: 6759 Content-Type: application/javascript | clean |
http://herbalskincare.org/wp-includes/js/jquery/ui/jquery.ui.effect.min.js?ver=1.9.2 | 200 OK Content-Length: 12970 Content-Type: application/javascript | clean |
http://herbalskincare.org/wp-content/themes/montezuma/javascript/smooth-menu.js?ver=3.5 | 200 OK Content-Length: 8514 Content-Type: application/javascript | clean |
http://herbalskincare.org/wp-content/uploads/montezuma/javascript.js?ver=3.5 | 200 OK Content-Length: 7450 Content-Type: application/javascript | clean |
http://herbalskincare.org/contact-us/ | 200 OK Content-Length: 18869 Content-Type: text/html | clean |
http://herbalskincare.org/wp-includes/js/comment-reply.min.js?ver=3.5 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://herbalskincare.org/wp-includes/js/quicktags.min.js?ver=3.5 | 200 OK Content-Length: 9917 Content-Type: application/javascript | clean |
http://api.recaptcha.net/challenge?k=6LdoRtgSAAAAAJksf5zr8tTn4xuB5yhmRvCUWMwS | 200 OK Content-Length: 67 Content-Type: text/javascript | clean |
http://herbalskincare.org/category/products/ | 200 OK Content-Length: 16049 Content-Type: text/html | clean |
http://herbalskincare.org/category/oils/ | 200 OK Content-Length: 20397 Content-Type: text/html | clean |
http://herbalskincare.org/category/peel/ | 200 OK Content-Length: 15954 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: herbalskincare.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 23 Apr 2014 22:24:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://herbalskincare.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: herbalskincare.org
Referer: http://www.google.com/search?q=herbalskincare.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=herbalskincare.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://herbalskincare.org/
Result: herbalskincare.org is not infected or malware details are not published yet.