Scanned pages/files
Request | Server response | Status |
http://taiijas.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 22:27:28 GMT Location: http://www.taiijas.com/ Server: nginx/1.6.2 Vary: Accept-Encoding Content-Length: 292 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.taiijas.com/ | 200 OK Content-Length: 40146 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
    $jean = jQuery.noConflict();
    $jean(document).ready(function($) {
        $("#frmSubscribe").submit(function(event){
            event.preventDefault();
            if ( $("#email").val() ){
                var reg = /^([a-zA-Z0-9_\.\-\+])+\@(([a-zA-Z0-9\-]{1,})+\.)+([a-zA-Z0-9]{2,})+$/;
                if( !reg.test($("#email").val()) ){
                    $("#subscribeInfo").html("<span class=\"error\">Invalid email id.</span>");
                }else{
                    $("#subscribeInfo").html("<strong>Loading.......</strong>");
                    var data = "email="+$("#email").val();
                    var url = "http://www.taiijas.com/wp-content/plugins/easy-automatic-newsletter/includes/ean-subscription.php";
                    $.post(url, data, function(response) {
                        $("#subscribeInfo").html(response);
                        $("#email").val("");
                    });
                }
            }else{
                $("#subscribeInfo").html("<span class=\"error\">Please enter email id.</span>");
            }
        });
    });
Antivirus reports:
http://www.taiijas.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=2.1 | 200 OK Content-Length: 220 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=2.1 | 200 OK Content-Length: 1068 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=2.1 | 200 OK Content-Length: 218 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/buddypress/bp-core/js/jquery-cookie.min.js?ver=2.1 | 200 OK Content-Length: 1362 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/buddypress/bp-core/deprecated/js/jquery-scroll-to.min.js?ver=2.1 | 200 OK Content-Length: 2290 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=2.1 | 200 OK Content-Length: 31377 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.0.1 | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/themes/imag-mag/js/jquery.mobilemenu.min.js?ver=4.0.1 | 200 OK Content-Length: 2052 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/themes/imag-mag/js/jquery.easing.1.3.js?ver=4.0.1 | 200 OK Content-Length: 10091 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-content/plugins/facebookall/assets/js/fball_connect.js?ver=1.0.0 | 200 OK Content-Length: 1614 Content-Type: application/javascript | clean |
http://taiijas.com/wp-content/plugins/highslide-4-wordpress-reloaded/highslide.min.js?ver=4113v124 | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0 Connection: close Date: Mon, 22 Dec 2014 22:27:38 GMT Location: http://www.taiijas.com/wp-content/plugins/highslide-4-wordpress-reloaded/highslide.min.js?ver=4113v124 Server: nginx/1.6.2 Vary: Accept-Encoding Content-Length: 371 Content-Type: text/html; charset=iso-8859-1 Expires: Mon, 22 Dec 2014 22:27:37 GMT | clean |
http://www.taiijas.com/wp-content/plugins/highslide-4-wordpress-reloaded/highslide.min.js?ver=4113v124 | 200 OK Content-Length: 47973 Content-Type: application/javascript | clean |
http://www.taiijas.com/wp-includes/js/comment-reply.min.js?ver=4.0.1 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: taiijas.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 22:27:28 GMT
Location: http://www.taiijas.com/
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
...292 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: taiijas.com
Referer: http://www.google.com/search?q=taiijas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=taiijas.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://taiijas.com/
Result: taiijas.com is not infected or malware details are not published yet.