Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zaragoza-pirineos2022.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zaragoza-pirineos2022.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zaragoza-pirineos2022.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 04 Oct 2014 19:00:28 GMT Location: http://www.zaragoza-pirineos2022.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.zaragoza-pirineos2022.com/xmlrpc.php X-Powered-By: PHP/5.4.32 | clean |
http://www.zaragoza-pirineos2022.com/ | 200 OK Content-Length: 94689 Content-Type: text/html | clean |
http://www.zaragoza-pirineos2022.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/x-javascript | clean |
http://www.zaragoza-pirineos2022.com/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21308 Content-Type: text/javascript | clean |
http://www.zaragoza-pirineos2022.com/wp-content/themes/mystique/js/jquery.mystique.js?ver=2.4.2 | 200 OK Content-Length: 56979 Content-Type: application/x-javascript | clean |
http://www.zaragoza-pirineos2022.com/?mystique=jquery_init&ver=2.4.2 | 200 OK Content-Length: 3416 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www.microsoft.com/windows/internet-explorer setup_comment_controls(); setup_comment_ajax(); jQuery('a.print').click(function() { jQuery('.post.single').printElement({printMode:'popup'}); return false; }); jQuery("#navigation").attr("role", "navigation"); jQuery("#primary-content").attr("role", "main"); jQuery("#sidebar").attr("role", "complementary"); jQuery("#searchform").attr("role", "search"); }); Antivirus reports:
| ||
http://zaragoza-pirineos2022.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 04 Oct 2014 19:00:32 GMT Pragma: no-cache Location: http://www.zaragoza-pirineos2022.com/test404page.js Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Sat, 04 Oct 2014 19:00:33 GMT X-Pingback: http://www.zaragoza-pirineos2022.com/xmlrpc.php X-Powered-By: PHP/5.4.32 | clean |
http://www.zaragoza-pirineos2022.com/test404page.js | 404 Not Found Content-Length: 27777 Content-Type: text/html | clean |
http://www.zaragoza-pirineos2022.com?mystique=jquery_init&ver=2.4.2/ | 200 OK Content-Length: 3416 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var $lang=new Array(); $lang[0]="Posting. Please wait..."; $lang[1]="Your comment was added."; $lang[2]="Post another comment"; jQuery(document).ready(function ($) { if (isIE6) { jQuery('#page').append("<div class='crap-browser-warning'>You're using a old and buggy browser. Switch to a <a href='http://www.mozilla.com/firefox/'>normal browser</a> or consider <a href='http://www.mi ...[3227 bytes skipped]... Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zaragoza-pirineos2022.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 04 Oct 2014 19:00:28 GMT
Location: http://www.zaragoza-pirineos2022.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.zaragoza-pirineos2022.com/xmlrpc.php
X-Powered-By: PHP/5.4.32
...0 bytes of data.
GET / HTTP/1.1
Host: zaragoza-pirineos2022.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 04 Oct 2014 19:00:28 GMT
Location: http://www.zaragoza-pirineos2022.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.zaragoza-pirineos2022.com/xmlrpc.php
X-Powered-By: PHP/5.4.32
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zaragoza-pirineos2022.com
Referer: http://www.google.com/search?q=zaragoza-pirineos2022.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zaragoza-pirineos2022.com
Referer: http://www.google.com/search?q=zaragoza-pirineos2022.com
Result:
The result is similar to the first query. There are no suspicious redirects found.