Scanned pages/files
Request | Server response | Status |
http://shelbysworld.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Apr 2014 00:05:08 GMT Location: http://www.Shelbysworld.com/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.liomusic.com/_dev/xmlrpc.php | clean |
http://www.shelbysworld.com/ | 200 OK Content-Length: 27957 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery("#1746499146_uftp_container").css({"height":"auto"}); jQuery(window).load(function() { uftpStartSlideshow("1746499146","1","",""); jQuery("#1746499146_uftp_container").css({"opacity":"1.0"}); }); Antivirus reports:
| ||
http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js?ver=3.3.1 | 200 OK Content-Length: 91556 Content-Type: text/javascript | clean |
http://stratus.sc/stratus.js?ver=3.3.1 | 200 OK Content-Length: 2259 Content-Type: application/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/wp-tabular/js/site/jquery.cookie.js?ver=3.3.1 | 200 OK Content-Length: 1576 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/wp-tabular/js/site/jquery.prettyPhoto.js?ver=3.3.1 | 200 OK Content-Length: 24947 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/xhanch-my-twitter/js/innerfade.js?ver=3.3.1 | 200 OK Content-Length: 5443 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/xhanch-my-twitter/js/marquee.js?ver=3.3.1 | 200 OK Content-Length: 2320 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js?ver=2.2 | 200 OK Content-Length: 10220 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.9/jquery-ui.min.js?ver=3.3.1 | 200 OK Content-Length: 198588 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/shortcodes-ultimate/js/jwplayer.js?ver=3.7.0 | 200 OK Content-Length: 93588 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/shortcodes-ultimate/js/nivoslider.js?ver=3.7.0 | 200 OK Content-Length: 15919 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/shortcodes-ultimate/js/jcarousel.js?ver=3.7.0 | 200 OK Content-Length: 15650 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/shortcodes-ultimate/js/init.js?ver=3.7.0 | 200 OK Content-Length: 1860 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-content/plugins/social-media-tabs/js/jquery.dcsmt.1.0.js?ver=3.3.1 | 200 OK Content-Length: 21882 Content-Type: text/javascript | clean |
http://www.liomusic.com/_dev/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 786 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shelbysworld.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 25 Apr 2014 00:05:08 GMT
Location: http://www.Shelbysworld.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.liomusic.com/_dev/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: shelbysworld.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 25 Apr 2014 00:05:08 GMT
Location: http://www.Shelbysworld.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.liomusic.com/_dev/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shelbysworld.com
Referer: http://www.google.com/search?q=shelbysworld.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shelbysworld.com
Referer: http://www.google.com/search?q=shelbysworld.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shelbysworld.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shelbysworld.com/
Result: shelbysworld.com is not infected or malware details are not published yet.
Result: shelbysworld.com is not infected or malware details are not published yet.