Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.subhanarayan.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.subhanarayan.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 29 Aug 2014 00:52:19 GMT Location: http://morindasugar.com/Controls/clik.php Server: Apache Content-Length: 319 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://morindasugar.com/Controls/clik.php (imitation of visitor from search engine) GET /Controls/clik.php HTTP/1.1 Host: morindasugar.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Date: Fri, 29 Aug 2014 00:52:16 GMT Location: http://localhost/ Server: Microsoft-IIS/7.5 Content-Length: 142 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET X-Powered-By-Plesk: PleskWin | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.subhanarayan.com/ | 200 OK Content-Length: 6339 Content-Type: text/html | clean |
http://www.subhanarayan.com/index.php | 200 OK Content-Length: 6339 Content-Type: text/html | clean |
http://www.subhanarayan.com/pictures/index.php/ | 200 OK Content-Length: 6482 Content-Type: text/html | clean |
http://www.subhanarayan.com/pictures/index.php/combined/javascript/0749bea1f16ba30dd74efba6bfecf17d | 200 OK Content-Length: 262278 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
if(!this.JSON){this.JSON={};} (function(){"use strict";function f(n){return n<10?'0'+n:n;} if(typeof Date.prototype.toJSON!=='function'){Date.prototype.toJSON=function(key){return isFinite(this.valueOf())?this.getUTCFullYear()+'-'+ f(this.getUTCMonth()+1)+'-'+ f(this.getUTCDate())+'T'+ f(this.getUTCHours())+':'+ f(this.getUTCMinutes())+':'+ f(this.getUTCSeconds())+'Z':null;};String.prototype.toJSON=Number.prototype.toJSON=Boolean.prototype.toJSON=function(key){retu }); } if ($("#g-photo,#g-movie").length) { $("#g-photo,#g-movie").gallery_fit_photo(); $("#g-photo,#g-movie").hover(function(){ $(this).gallery_context_menu(); }); $.localScroll({ queue: true, duration: 1000, hash: true }); $(this).find(".g-dialog-link").gallery_dialog(); $(this).find(".g-ajax-link").gallery_ajax(); } $.fn.gallery_hover_init(); });
Antivirus reports:
http://e.cooliris.com/slideshow/v/37732/go.js | 200 OK Content-Length: 630 Content-Type: application/x-javascript | clean |
http://www.subhanarayan.com/pictures/index.php/login/ajax | 200 OK Content-Length: 2128 Content-Type: text/html | clean |
http://www.subhanarayan.com/pictures/index.php/login/ | 404 File Not Found Content-Length: 6158 Content-Type: text/html | clean |
http://www.subhanarayan.com/test404page.js | 200 OK Content-Length: 6339 Content-Type: text/html | clean |
http://www.subhanarayan.com/updates.php | 200 OK Content-Length: 13144 Content-Type: text/html | clean |
http://www.subhanarayan.com/contact_us.php | 200 OK Content-Length: 4765 Content-Type: text/html | clean |
http://www.subhanarayan.com/bone_marrow.php | 200 OK Content-Length: 5433 Content-Type: text/html | clean |
http://www.subhanarayan.com/pictures/index.php/During-treatment | 200 OK Content-Length: 186496 Content-Type: text/html | clean |
http://www.subhanarayan.com/pictures/index.php/combined/javascript/c699b3225001ee4d45774af79e121a54 | 200 OK Content-Length: 267009 Content-Type: application/javascript | clean |
http://www.subhanarayan.com/pictures/index.php/?show=6 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 29 Aug 2014 00:52:32 GMT Pragma: no-cache Location: http://www.subhanarayan.com/pictures/index.php/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: g3sid=4akkjep63sr2gjf5tt760q00a4; expires=Fri, 05-Sep-2014 00:52:32 GMT; path=/; HttpOnly Set-Cookie: g3sid=c99d34f5f3fbb28830d72491b306d111bd32b09a%7E4akkjep63sr2gjf5tt760q00a4; expires=Fri, 05-Sep-2014 00:52:32 GMT; path=/; httponly | clean |
http://www.subhanarayan.com/pictures/var/albums/During%20treatment.jpg?m=1319513907 | 200 OK Content-Length: 54280 Content-Type: image/jpeg | clean |
http://www.subhanarayan.com/pictures/index.php/form/add/comments/6 | 200 OK Content-Length: 1019 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=subhanarayan.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://subhanarayan.com/
Result: subhanarayan.com is not infected or malware details are not published yet.