Scanned pages/files
Request | Server response | Status |
http://www.myilluminateblog.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 30 Sep 2014 06:29:25 GMT Location: http://myilluminateblog.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://myilluminateblog.com/xmlrpc.php X-Powered-By: PHP/5.3.23 | clean |
http://myilluminateblog.com/ | 200 OK Content-Length: 41699 Content-Type: text/html | clean |
http://myilluminateblog.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://myilluminateblog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://myilluminateblog.com/wp-content/themes/aph/scripts/event-tracking.js?ver=1.0 | 200 OK Content-Length: 3860 Content-Type: application/javascript | clean |
http://myilluminateblog.com/wp-includes/js/imgareaselect/jquery.imgareaselect.min.js?ver=0.9.10 | 200 OK Content-Length: 13881 Content-Type: application/javascript | clean |
http://myilluminateblog.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 | 200 OK Content-Length: 12018 Content-Type: application/javascript | clean |
http://cdn.jquerytools.org/1.2.5/full/jquery.tools.min.js | 200 OK Content-Length: 118695 Content-Type: application/x-javascript | clean |
https://github.com/protonet/jquery.inview/raw/master/jquery.inview.min.js | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Tue, 30 Sep 2014 06:29:31 GMT Location: https://raw.githubusercontent.com/protonet/jquery.inview/master/jquery.inview.min.js Server: GitHub.com Vary: X-PJAX Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Access-Control-Allow-Origin: https://render.githubusercontent.com Set-Cookie: _gh_sess=eyJzZXNzaW9uX2lkIjoiZjc5Y2Y3NDliOTI1MDhlMDllN2Y3OTNjNzlmMDAyMDAiLCJzcHlfcmVwbyI6InByb3RvbmV0L2pxdWVyeS5pbnZpZXciLCJzcHlfcmVwb19hdCI6MTQxMjA1ODU3MX0%3D--f3d7633b7dea72b47444800a3310cfd4a574bef1; path=/; secure; HttpOnly Status: 302 Found Strict-Transport-Security: max-age=31536000; includeSubdomains; preload X-Content-Security-Policy: default-src *; script-src assets-cdn.github.com www.google-analytics.com collector-cdn.github.com; object-src assets-cdn.github.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' assets-cdn.github.com; img-src 'self' data: assets-cdn.github.com identicons.github.com www.google-analytics.com collector.githubapp.com *.githubusercontent.com *.gravatar.com *.wp.com; media-src 'none'; frame-src 'self' render.githubusercontent.com gist.github.com www.youtube.com player.vimeo.com checkout.paypal.com; font-src assets-cdn.github.com; connect-src 'self' ghconduit.com:25035 live.github.com uploads.github.com s3.amazonaws.com X-Content-Type-Options: nosniff X-Frame-Options: deny X-GitHub-Request-Id: 4E9E0BE2:5B17:279A0670:542A4DCA X-RateLimit-Limit: 100 X-RateLimit-Remaining: 100 X-Runtime: 0.008021 X-Served-By: a128136e4734a9f74c013356c773ece7 X-UA-Compatible: IE=Edge,chrome=1 X-XSS-Protection: 1; mode=block | clean |
https://raw.githubusercontent.com/protonet/jquery.inview/master/jquery.inview.min.js | 200 OK Content-Length: 1424 Content-Type: text/plain | clean |
http://raw.githubusercontent.com/test404page.js | 404 Not Found Content-Length: 9152 Content-Type: text/html | clean |
http://raw.githubusercontent.com/ | 404 Not Found Content-Length: 9152 Content-Type: text/html | clean |
http://myilluminateblog.com/wp-content/themes/aph/scripts/plugins.js | 200 OK Content-Length: 38393 Content-Type: application/javascript | clean |
http://myilluminateblog.com/wp-content/themes/aph/scripts/scripts.js | 200 OK Content-Length: 5050 Content-Type: application/javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: myilluminateblog.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Sep 2014 06:29:26 GMT
Server: Apache
Content-Length: 41699
Content-Type: text/html; charset=UTF-8
Link: <http://myilluminateblog.com/>; rel=shortlink
X-Pingback: http://myilluminateblog.com/xmlrpc.php
X-Powered-By: PHP/5.3.23
...41699 bytes of data.
GET / HTTP/1.1
Host: myilluminateblog.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Sep 2014 06:29:26 GMT
Server: Apache
Content-Length: 41699
Content-Type: text/html; charset=UTF-8
Link: <http://myilluminateblog.com/>; rel=shortlink
X-Pingback: http://myilluminateblog.com/xmlrpc.php
X-Powered-By: PHP/5.3.23
...41699 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: myilluminateblog.com
Referer: http://www.google.com/search?q=myilluminateblog.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: myilluminateblog.com
Referer: http://www.google.com/search?q=myilluminateblog.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=myilluminateblog.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://myilluminateblog.com/
Result: myilluminateblog.com is not infected or malware details are not published yet.
Result: myilluminateblog.com is not infected or malware details are not published yet.