Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=palmsofgoa.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://palmsofgoa.com/ | 200 OK Content-Length: 25237 Content-Type: text/html | clean |
http://palmsofgoa.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://palmsofgoa.com/wp-content/themes/feast22/js/jquery.jcarousel.min.js | 200 OK Content-Length: 15650 Content-Type: application/javascript | clean |
http://palmsofgoa.com/wp-content/themes/feast22/js/cookie.js | 200 OK Content-Length: 3713 Content-Type: application/javascript | clean |
http://palmsofgoa.com/wp-content/themes/feast22/js/jqModal.js | 200 OK Content-Length: 3355 Content-Type: application/javascript | clean |
http://palmsofgoa.com/wp-content/themes/feast22/js/custom.js | 200 OK Content-Length: 16448 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
jQuery(document).ready(function($) { var init = setInterval(animation, 100); function animation(){ $('.time').each(function() { var deadline1 = $(this).attr('rel'); var deadline2 = $(this).attr('contents'); var now = new Date(); now = Math.floor(now / 1000); now = now + Math.floor(deadline2 * 60 * 60); var counter1 = deadline1 - now; var seconds1=Math.floor(counter1 % 60); if (seconds1 < 10 &a $(img).css('margin-top', Math.floor(((($(window).height()) - 140 - (($(window).height() * 0.7)+20))/2)+40) + 'px'); } $('.gloading').hide(); }).attr('src', trel); $('p.gallerytitle').html(ttitle); }; function cleanup() { $('.gloading').show(); $('a.galclose').fadeOut(0); $('.goverlay img').remove(); $('p.gallerytitle').html(''); } });
Antivirus reports:
http://palmsofgoa.com/pageabout | 200 OK Content-Length: 19773 Content-Type: text/html | clean |
http://palmsofgoa.com/wp-includes/js/comment-reply.min.js?ver=3.5.2 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://palmsofgoa.com/testimonials | 200 OK Content-Length: 19651 Content-Type: text/html | clean |
http://palmsofgoa.com/?menu_categories=our-menu | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 07 Jan 2015 20:48:06 GMT Location: http://palmsofgoa.com/menu_categories/our-menu Server: nginx/1.6.2 Content-Type: text/html; charset=UTF-8 X-Pingback: http://palmsofgoa.com/xmlrpc.php X-Powered-By: PHP/5.5.19-1+deb.sury.org~precise+1 | clean |
http://palmsofgoa.com/menu_categories/our-menu | 200 OK Content-Length: 24194 Content-Type: text/html | clean |
http://palmsofgoa.com/booking | 200 OK Content-Length: 25831 Content-Type: text/html | clean |
http://palmsofgoa.com/wp-content/themes/feast22/maptype2.php?latlong=51.518414,-0.134567&mzoom=12&szoom=1&pan=10&measure=metric&streetview=false | 200 OK Content-Length: 1574 Content-Type: text/html | clean |
http://maps.google.com/maps/api/js?sensor=false | 200 OK Content-Length: 4345 Content-Type: text/javascript | clean |
http://palmsofgoa.com/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://palmsofgoa.com/blog | 200 OK Content-Length: 19977 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: palmsofgoa.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 07 Jan 2015 20:48:03 GMT
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://palmsofgoa.com/xmlrpc.php
X-Powered-By: PHP/5.5.19-1+deb.sury.org~precise+1
Second query (visit from search engine):
GET / HTTP/1.1
Host: palmsofgoa.com
Referer: http://www.google.com/search?q=palmsofgoa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.