Scanned pages/files
| Request | Server response | Status |
http://www.clubsporium.com/ | HTTP/1.1 301 Moved Permanently Date: Wed, 11 Jun 2014 06:24:53 GMT Location: http://www.clubsporium.com.tr/ Server: Microsoft-IIS/7.5 Content-Length: 240 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.clubsporium.com.tr/ | 200 OK Content-Length: 23608 Content-Type: text/html | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/jquery-1.10.1.min.js | 200 OK Content-Length: 93064 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/jquery-migrate-1.2.1.min.js | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/js/Func.js | 200 OK Content-Length: 18286 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Element(element_id){ return document.getElementById(element_id); } function checkKeyPressed(evt, func, params) { evt = (evt) ? evt : (window.event) ? event : null; if (evt) { var charCode = (evt.charCode) ? evt.charCode : ((evt.keyCode) ? evt.keyCode : ((evt.which) ? evt.which : 0)); if (charCode == 13) func(params); } } function removeSpaces(string) { var tstrin var _action = rewriteURL($(this).attr('action') + (empty(_srch) ? '' : '&srch=' + urlencode(_srch)) ); $(this).attr('action',_action); }); }); lang_arr_gunler = new Object(); lang_arr_gunler['tr'] = new Array('Pazar', 'Pazartesi','Salı','ÃarÅamba','PerÅembe','Cuma','Cumartesi'); lang_arr_gunler['en'] = new Array('Sunday', 'Monday','Tuesday','Wednesday','Thursday','Friday','Saturday'); Antivirus reports:
| ||
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/Func.js | 200 OK Content-Length: 3461 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/tpl.js | 200 OK Content-Length: 4719 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/jquery.maskedinput-1.2.2.min.js | 200 OK Content-Length: 3557 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/jquery.mousewheel.min.js | 200 OK Content-Length: 1392 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/libs/fancybox/jquery.fancybox.pack.js | 200 OK Content-Length: 23135 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/AC_RunActiveContent.js | 200 OK Content-Length: 8321 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/libs/bubble-tooltip/js/bubble-tooltip.js | 200 OK Content-Length: 1849 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/addthis.js | 200 OK Content-Length: 63 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/libs/ekma_accordion_menu/js.js | 200 OK Content-Length: 7298 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/libs/dhtmlgoodies_calendar/dhtmlgoodies_calendar/dhtmlgoodies_calendar.js | 200 OK Content-Length: 55811 Content-Type: application/javascript | clean |
http://www.clubsporium.com.tr/Templates/ClubSporium/Koyu/1.0/js/ad_marquee.js | 200 OK Content-Length: 2405 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: clubsporium.com
Result:
GET / HTTP/1.1
Host: clubsporium.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: clubsporium.com
Referer: http://www.google.com/search?q=clubsporium.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: clubsporium.com
Referer: http://www.google.com/search?q=clubsporium.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=clubsporium.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://clubsporium.com/
Result: clubsporium.com is not infected or malware details are not published yet.
Result: clubsporium.com is not infected or malware details are not published yet.