Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=newspapersineducationwr.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://newspapersineducationwr.com/ | 200 OK Content-Length: 38017 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var slider_height = '471'; var slider_backup = ''; function slider_options(){ jQuery('#feature,.camera_wrap').css('height', slider_height); jQuery('#camera_wrap_3').camera({ thumbnails: false, height: slider_height, pagination: 1, navigation: 1, ...[2818 bytes skipped]... Antivirus reports:
http://newspapersineducationwr.com//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 29 Dec 2014 04:14:28 GMT Pragma: no-cache Location: http://newspapersineducationwr.com/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=791ce74bb29a74ea7bdf3e523dc5b7eb; path=/ X-Pingback: http://newspapersineducationwr.com/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://newspapersineducationwr.com/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | 404 Not Found Content-Length: 26950 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: niewr.ca <!DOCTYPE html> <html lang="en-US"> <head> <title>NOT FOUND | Newpapers In Education</title><meta name="description" content="" /><meta name="keywords" content="" /> <link rel="shortcut icon" href="http://niewr.ca/wp-content/uploads/2012/08/favicon.ico"/> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"> <!--[if lt IE 9]> <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> <!-- Mobile Specific Metas ================================================== --> <meta name="viewport" ...[3851 bytes skipped]... | ||
http://newspapersineducationwr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/plugins/gallery-plugin/fancybox/jquery.mousewheel-3.0.4.pack.js?ver=4.0.1 | 200 OK Content-Length: 1279 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/plugins/gallery-plugin/fancybox/jquery.fancybox-1.3.4.pack.js?ver=4.0.1 | 200 OK Content-Length: 15624 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/admin/composer/assets/js_composer_front.js?ver=4.0.1 | 200 OK Content-Length: 12467 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/bootstrap.min.js?ver=4.0.1 | 200 OK Content-Length: 22455 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/jquery.easing.1.3.js?ver=4.0.1 | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/jquery.cycle.min.js?ver=4.0.1 | 200 OK Content-Length: 26567 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/jquery.prettyPhoto.js?ver=4.0.1 | 200 OK Content-Length: 23508 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/jquery.validate.min.js?ver=4.0.1 | 200 OK Content-Length: 25307 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/jquery.jplayer.min.js?ver=4.0.1 | 200 OK Content-Length: 42856 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/jquery.preloader.js?ver=4.0.1 | 200 OK Content-Length: 1068 Content-Type: application/javascript | clean |
http://newspapersineducationwr.com/wp-content/themes/niewr/js/camera.js?ver=4.0.1 | 200 OK Content-Length: 68515 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($){$.fn.camera = function(opts, callback) { var defaults = { alignment : 'center', autoAdvance : true, mobileAutoAdvance : true, barDirection : 'leftToRight', barPosition : 'bottom', cols : 6, easing : 'easeInOutExpo', mobileEasing : '', fx : 'random', mobileFx : '', gridDifference : 250, } else { var camera_thumbs_wrap = wrap; } } })(jQuery); ;(function($){$.fn.cameraPause = function() { var wrap = $(this); var elem = $('.camera_src',wrap); elem.addClass('paused'); } })(jQuery); ;(function($){$.fn.cameraResume = function() { var wrap = $(this); var elem = $('.camera_src',wrap); if(typeof autoAdv === 'undefined' || autoAdv!==true){ elem.removeClass('paused'); } } })(jQuery); Antivirus reports:
http://newspapersineducationwr.com/wp-content/themes/niewr/js/scripts.js?ver=4.0.1 | 200 OK Content-Length: 11692 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: newspapersineducationwr.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Dec 2014 04:14:26 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://newspapersineducationwr.com/>; rel=shortlink
Set-Cookie: PHPSESSID=2ee315f413ba022aff102bddb717d8cf; path=/
X-Pingback: http://newspapersineducationwr.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: newspapersineducationwr.com
Referer: http://www.google.com/search?q=newspapersineducationwr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.