Scanned pages/files
Request | Server response | Status |
http://sarahraven.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:04 GMT Location: http://www.sarahraven.com/ Server: Apache/2.2.3 (Red Hat) Content-Length: 314 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:04 GMT | clean |
http://www.sarahraven.com/ | 200 OK Content-Length: 16699 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://fls.doubleclick.net/activityi;src=3505107;type=re-ta358;cat=re-ta842;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.sarahraven.com/misc/jquery.js?v | 200 OK Content-Length: 31028 Content-Type: text/javascript | clean |
http://sarahraven.com/misc/drupal.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:06 GMT Location: http://www.sarahraven.com/misc/drupal.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 330 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:06 GMT | clean |
http://www.sarahraven.com/misc/drupal.js?v | 200 OK Content-Length: 10538 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/modules/google_analytics/googleanalytics.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:07 GMT Location: http://www.sarahraven.com/sites/all/modules/google_analytics/googleanalytics.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 369 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:07 GMT | clean |
http://www.sarahraven.com/sites/all/modules/google_analytics/googleanalytics.js?v | 200 OK Content-Length: 2268 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/modules/lightbox2/js/lightbox.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:07 GMT Location: http://www.sarahraven.com/sites/all/modules/lightbox2/js/lightbox.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 358 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:07 GMT | clean |
http://www.sarahraven.com/sites/all/modules/lightbox2/js/lightbox.js?v | 200 OK Content-Length: 45126 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/modules/mollom/mollom.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:08 GMT Location: http://www.sarahraven.com/sites/all/modules/mollom/mollom.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 350 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:08 GMT | clean |
http://www.sarahraven.com/sites/all/modules/mollom/mollom.js?v | 200 OK Content-Length: 1571 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/modules/panels/js/panels.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:08 GMT Location: http://www.sarahraven.com/sites/all/modules/panels/js/panels.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 353 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:08 GMT | clean |
http://www.sarahraven.com/sites/all/modules/panels/js/panels.js?v | 200 OK Content-Length: 729 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/modules/thickbox/thickbox.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:08 GMT Location: http://www.sarahraven.com/sites/all/modules/thickbox/thickbox.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 354 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:08 GMT | clean |
http://www.sarahraven.com/sites/all/modules/thickbox/thickbox.js?v | 200 OK Content-Length: 14811 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/themes/sarah2010/js/jquery.cycle.min.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:09 GMT Location: http://www.sarahraven.com/sites/all/themes/sarah2010/js/jquery.cycle.min.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 365 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:09 GMT | clean |
http://www.sarahraven.com/sites/all/themes/sarah2010/js/jquery.cycle.min.js?v | 200 OK Content-Length: 14576 Content-Type: text/javascript | clean |
http://sarahraven.com/sites/all/themes/sarah2010/js/global.js?v | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:09 GMT Location: http://www.sarahraven.com/sites/all/themes/sarah2010/js/global.js?v Server: Apache/2.2.3 (Red Hat) Content-Length: 355 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:09 GMT | clean |
http://www.sarahraven.com/sites/all/themes/sarah2010/js/global.js?v | 200 OK Content-Length: 1797 Content-Type: text/javascript | clean |
http://sarahraven.com/shop/checkout/cart | 200 OK Content-Length: 10542 Content-Type: text/html | clean |
http://sarahraven.com/shop/js/stars/jquery.js | 200 OK Content-Length: 277992 Content-Type: text/javascript | clean |
http://sarahraven.com/shop/js/stars/jquery.rating.js | 200 OK Content-Length: 14310 Content-Type: text/javascript | clean |
http://www.sarahraven.com/shop/minify/1290687515/js/prototype/prototype.js,/js/prototype/validation.js,/js/scriptaculous/builder.js,/js/scriptaculous/effects.js,/js/scriptaculous/dragdrop.js,/js/scriptaculous/controls.js,/js/scriptaculous/slider.js,/js/varien/js.js,/js/varien/form.js,/js/varien/menu.js,/js/mage/translate.js,/js/mage/cookies.js,/js/varien/weee.js | 200 OK Content-Length: 216118 Content-Type: application/x-javascript | clean |
http://sarahraven.com//config1.veinteractive.com/tags/dd70eaba/6b69/44cf/bec3/51692e937830/tag.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Tue, 03 Jun 2014 10:53:12 GMT Location: http://www.sarahraven.com/config1.veinteractive.com/tags/dd70eaba/6b69/44cf/bec3/51692e937830/tag.js/ Server: Apache/2.2.3 (Red Hat) Content-Length: 389 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 17 Jun 2014 10:53:12 GMT | clean |
http://www.sarahraven.com/config1.veinteractive.com/tags/dd70eaba/6b69/44cf/bec3/51692e937830/tag.js/ | 404 Not Found Content-Length: 13930 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sarahraven.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=1209600
Connection: close
Date: Tue, 03 Jun 2014 10:53:04 GMT
Location: http://www.sarahraven.com/
Server: Apache/2.2.3 (Red Hat)
Content-Length: 314
Content-Type: text/html; charset=iso-8859-1
Expires: Tue, 17 Jun 2014 10:53:04 GMT
...314 bytes of data.
GET / HTTP/1.1
Host: sarahraven.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=1209600
Connection: close
Date: Tue, 03 Jun 2014 10:53:04 GMT
Location: http://www.sarahraven.com/
Server: Apache/2.2.3 (Red Hat)
Content-Length: 314
Content-Type: text/html; charset=iso-8859-1
Expires: Tue, 17 Jun 2014 10:53:04 GMT
...314 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sarahraven.com
Referer: http://www.google.com/search?q=sarahraven.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sarahraven.com
Referer: http://www.google.com/search?q=sarahraven.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sarahraven.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sarahraven.com/
Result: sarahraven.com is not infected or malware details are not published yet.
Result: sarahraven.com is not infected or malware details are not published yet.