Scanned pages/files
Request | Server response | Status |
http://joomlasite.info/ | 200 OK Content-Length: 36878 Content-Type: text/html | clean |
http://joomlasite.info/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://joomlasite.info/modules/mod_ampcontact/mod_ampcontact.js | 200 OK Content-Length: 114 Content-Type: application/javascript | clean |
http://joomlasite.info/plugins/system/pc_includes/ajax_1.2.js | 200 OK Content-Length: 8194 Content-Type: application/javascript | clean |
http://app.sugester.pl/joomla/widget.js | 200 OK Content-Length: 22627 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (typeof uid == 'undefined'){uid='';};if (typeof sugester_tab == 'undefined'){sugester_tab=1;}; var sx_={};sx_.lib=function(){var F={};var C=/(-[a-z])/gi;var B=function(H,I){return I.charAt(1).toUpperCase()};var G=function(I){var H;if(!(H=F[I])){H=F[I]=I.replace(C,B)}return H};var A=document.defaultView;var E=/alpha\([^\)]*\)/gi;var D=function(J,H){var I=J.style;if(window.ActiveXObject){I.zoom=1;I.filter=(I.filter||"").replace(E,"")+(H==1?"":" alpha(opacity="+(H*100)+")")}else{I.opacity=H} sx_.loadSkin('sugester','http://app.sugester.pl/stylesheets');f1=window.onload;window.onload=function(){sx_.init();if (sugester_tab==1) {document.getElementById('sugester_widget').style.display="block"};if(f1!=undefined)f1()}; Antivirus reports:
| ||
http://joomlasite.info/internet/alternatywa-dla-power-point.html | 200 OK Content-Length: 34926 Content-Type: text/html | clean |
http://joomlasite.info/plugins/content/multithumb/greybox/AJS.js | 200 OK Content-Length: 10652 Content-Type: application/javascript | clean |
http://joomlasite.info/plugins/content/multithumb/greybox/AJS_fx.js | 200 OK Content-Length: 3156 Content-Type: application/javascript | clean |
http://joomlasite.info/plugins/content/multithumb/greybox/gb_scripts.js | 200 OK Content-Length: 11771 Content-Type: application/javascript | clean |
http://joomlasite.info/components/com_jomcomment/script.js?1.8.9 | 200 OK Content-Length: 7370 Content-Type: application/javascript | clean |
http://joomlasite.info/index2.php?option=com_jomcomment&task=userinfo&no_html=1 | 200 OK Content-Length: 925 Content-Type: text/html | clean |
http://joomlasite.info/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://joomlasite.info/internet/alternatywa-dla-power-point/pdf.html | 200 OK Content-Length: 301788 Content-Type: application/pdf | clean |
http://joomlasite.info/internet/alternatywa-dla-power-point/drukuj.html | 200 OK Content-Length: 7943 Content-Type: text/html | clean |
http://joomlasite.info/internet/alternatywa-dla-power-point/ | 404 Nie znaleziono artykuÅu: #0 Content-Length: 1444 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: joomlasite.info
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 11:19:47 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 16 Apr 2014 11:19:49 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 87e7dc2217cf25da84cf49d5b4b1ffa5=6056edfab02213c0c9b60bcce194729f; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: joomlasite.info
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 11:19:47 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 16 Apr 2014 11:19:49 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 87e7dc2217cf25da84cf49d5b4b1ffa5=6056edfab02213c0c9b60bcce194729f; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: joomlasite.info
Referer: http://www.google.com/search?q=joomlasite.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: joomlasite.info
Referer: http://www.google.com/search?q=joomlasite.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=joomlasite.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://joomlasite.info/
Result: joomlasite.info is not infected or malware details are not published yet.
Result: joomlasite.info is not infected or malware details are not published yet.