Scanned pages/files
| Request | Server response | Status |
http://jamalfox.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Mon, 12 May 2014 12:59:05 GMT Age: 0 Location: http://www.greensboroideas.com/ Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://www.greensboroideas.com/ | HTTP/1.1 302 Found Connection: Close Date: Mon, 12 May 2014 12:59:05 GMT Location: http://auth.mindmixer.com/GetAuthCookie?returnUrl=http%3a%2f%2fwww.greensboroideas.com%2f Server: Microsoft-IIS/7.5 Server: Web02 Content-Length: 206 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * App: ww P3P: CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA" Set-Cookie: isCookiesSupported=true; domain=.greensboroideas.com; expires=Sun, 12-May-2024 12:59:06 GMT; path=/; HttpOnly X-Powered-By: ASP.NET | clean |
http://auth.mindmixer.com/getauthcookie?returnurl=http%3a%2f%2fwww.greensboroideas.com%2f | HTTP/1.1 302 Found Cache-Control: private Connection: Close Date: Mon, 12 May 2014 12:59:05 GMT Location: http://www.greensboroideas.com/?authCookie= Server: Microsoft-IIS/7.5 Server: Web01 Content-Length: 160 Content-Type: text/html; charset=utf-8 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * App: ww P3P: CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA" Set-Cookie: X=true; path=/; HttpOnly X-AspNet-Version: 4.0.30319 X-AspNetMvc-Version: 4.0 X-Powered-By: ASP.NET | clean |
http://www.greensboroideas.com/?authcookie= | HTTP/1.1 302 Found Connection: Close Date: Mon, 12 May 2014 12:59:06 GMT Location: http://www.greensboroideas.com/?isCookiesSupported=false Server: Microsoft-IIS/7.5 Server: Web01 Content-Length: 173 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * App: ww P3P: CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA" Set-Cookie: MasterAuthIsRequested=true; path=/; HttpOnly Set-Cookie: IsMasterAuthResponse=true; path=/; HttpOnly X-Powered-By: ASP.NET | clean |
http://www.greensboroideas.com/?iscookiessupported=false | 200 OK Content-Length: 58638 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function () { var container = $('div.leftShareBar'); var items = container.find('.shareItemsContainer'); $(window).scroll(function () { var height = items.height(); var bottom = $('.footerWrap').offset().top; var top = $('div.pageContentWrap').position().top - ($(".headerNavWrap").height() + $(".topicTextInfoWrapper").height()); var scrolled = $(this).scrollTop(); items.addClass('fixed').css({ 'margin-top': '0px', 'top': ($(".headerNavWrap").height() + $(".topicTextInfoWrapper").height() + $.getGoogleTranslateFix() + 22) + "px" }); } else { var marginTop = bottom - $('div.leftShareBar').find('.shareItemsContainer').height() - $('div.leftShareBar').offset().top - 4; items.removeClass('fixed').css({ 'margin-top': marginTop + 'px', 'top': 'auto' }); } }); }); Antivirus reports:
| ||
http://static.mindmixer.com/vzMMSRKnHS3WP8CTDmm9VrlQPo0MTyiwe94k5IdgL0KQ1/Content/bundles/js/libraries.js | 200 OK Content-Length: 300606 Content-Type: text/javascript | clean |
http://static.mindmixer.com/vQfolrsSET9k0LotTKUOy0Xye9iao4IVN_sShRA_bZOA1/Content/bundles/js/angular.js | 200 OK Content-Length: 168379 Content-Type: text/javascript | clean |
http://static.mindmixer.com/vMGk5oTGtk7uyTeH58pPdWlk8DUuCatnXIzKX3CxMv881/Content/bundles/js/app.js | 200 OK Content-Length: 101752 Content-Type: text/javascript | clean |
http://static.mindmixer.com/vFnxgsug2ZLEWamU8icy7HxUNYvaSFP9BEj9IL15EOnQ1/Content/bundles/js/external.js | 200 OK Content-Length: 9326 Content-Type: text/javascript | clean |
http://static.mindmixer.com/v6vdgUBJSaQEy2w6rUiHKphbL5eJWqFB_ChKoKCpKAGw1/Content/bundles/js/jquery.fileupload.js | 200 OK Content-Length: 34338 Content-Type: text/javascript | clean |
http://static.mindmixer.com/vdbfz_fBd_QKtj4J9B9dV5den29lkJ4Benc7QHXfovwg1/Content/bundles/js/profile.js | 200 OK Content-Length: 3675 Content-Type: text/javascript | clean |
http://static.mindmixer.com/vwXq4emxjXTjVk5VyQUO0NtBjXcguoeySidEJcTUV7Io1/Content/bundles/js/common.js | 200 OK Content-Length: 70006 Content-Type: text/javascript | clean |
http://jamalfox.com/Content/Common/Js/projectRelative/addIdeaHelper.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Mon, 12 May 2014 12:59:16 GMT Age: 0 Location: http://www.greensboroideas.com//Content/Common/Js/projectRelative/addIdeaHelper.js Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://www.greensboroideas.com//content/common/js/projectrelative/addideahelper.js/ | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://www.greensboroideas.com/test404page.js | HTTP/1.1 302 Found Connection: Close Date: Mon, 12 May 2014 12:59:17 GMT Location: http://auth.mindmixer.com/GetAuthCookie?returnUrl=http%3a%2f%2fwww.greensboroideas.com%2ftest404page.js Server: Microsoft-IIS/7.5 Server: Web02 Content-Length: 220 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * App: ww P3P: CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA" Set-Cookie: isCookiesSupported=true; domain=.greensboroideas.com; expires=Sun, 12-May-2024 12:59:17 GMT; path=/; HttpOnly X-Powered-By: ASP.NET | clean |
http://auth.mindmixer.com/getauthcookie?returnurl=http%3a%2f%2fwww.greensboroideas.com%2ftest404page.js | HTTP/1.1 302 Found Cache-Control: private Connection: Close Date: Mon, 12 May 2014 12:59:18 GMT Location: http://www.greensboroideas.com/test404page.js?authCookie= Server: Microsoft-IIS/7.5 Server: Web01 Content-Length: 174 Content-Type: text/html; charset=utf-8 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * App: ww P3P: CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA" Set-Cookie: X=true; path=/; HttpOnly X-AspNet-Version: 4.0.30319 X-AspNetMvc-Version: 4.0 X-Powered-By: ASP.NET | clean |
http://www.greensboroideas.com/test404page.js?authcookie= | HTTP/1.1 302 Found Connection: Close Date: Mon, 12 May 2014 12:59:19 GMT Location: http://www.greensboroideas.com/test404page.js?isCookiesSupported=false Server: Microsoft-IIS/7.5 Server: Web02 Content-Length: 187 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * App: ww P3P: CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA" Set-Cookie: MasterAuthIsRequested=true; path=/; HttpOnly Set-Cookie: IsMasterAuthResponse=true; path=/; HttpOnly X-Powered-By: ASP.NET | clean |
http://www.greensboroideas.com/test404page.js?iscookiessupported=false | 404 Not Found Content-Length: 34717 Content-Type: text/html | clean |
http://www.greensboroideas.com/Content/Common/Js/projectRelative/addIdeaHelper.js | 200 OK Content-Length: 1395 Content-Type: application/x-javascript | clean |
http://www.greensboroideas.com/Content/Common/Js/projectRelative/allocationHelper.js | 200 OK Content-Length: 9041 Content-Type: application/x-javascript | clean |
http://www.greensboroideas.com/Content/Common/Js/projectRelative/allocationStatistic.js | 200 OK Content-Length: 4647 Content-Type: application/x-javascript | clean |
http://www.greensboroideas.com/Content/Common/Js/projectRelative/challengeHelper.js | 200 OK Content-Length: 977 Content-Type: application/x-javascript | clean |
http://www.greensboroideas.com/Content/Common/Js/projectRelative/enhancedCountable.js | 200 OK Content-Length: 5284 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jamalfox.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Mon, 12 May 2014 12:59:05 GMT
Age: 0
Location: http://www.greensboroideas.com/
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...0 bytes of data.
GET / HTTP/1.1
Host: jamalfox.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Mon, 12 May 2014 12:59:05 GMT
Age: 0
Location: http://www.greensboroideas.com/
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jamalfox.com
Referer: http://www.google.com/search?q=jamalfox.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jamalfox.com
Referer: http://www.google.com/search?q=jamalfox.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jamalfox.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jamalfox.com/
Result: jamalfox.com is not infected or malware details are not published yet.
Result: jamalfox.com is not infected or malware details are not published yet.