Scanned pages/files
Request | Server response | Status |
http://meblenems.com.pl/ | 200 OK Content-Length: 21263 Content-Type: text/html | clean |
http://www.meblenems.com.pl/templates/jv_reno/js/jv.script.js.php | 200 OK Content-Length: 80232 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://www.meblenems.com.pl/plugins/content/joomthumbnail/gallery/fancyzoom/FancyZoomHTML.js | 200 OK Content-Length: 14207 Content-Type: application/javascript | clean |
http://www.meblenems.com.pl/plugins/content/joomthumbnail/gallery/fancyzoom/FancyZoom.js | 200 OK Content-Length: 26402 Content-Type: application/javascript | clean |
http://www.meblenems.com.pl/templates/jv_reno/jv_menus/jv_moomenu/jv.moomenu.js | 200 OK Content-Length: 3118 Content-Type: application/javascript | clean |
http://www.meblenems.com.pl/modules/mod_PlimunNivoSlider/js/jquery-1.6.1.min.js | 200 OK Content-Length: 91342 Content-Type: application/javascript | clean |
http://www.meblenems.com.pl/modules/mod_PlimunNivoSlider/js/jquery.nivo.slider.js | 200 OK Content-Length: 25016 Content-Type: application/javascript | clean |
http://meblenems.com.pl/components/com_ckforms/js/calendar.js | 200 OK Content-Length: 15828 Content-Type: application/javascript | clean |
http://meblenems.com.pl/components/com_ckforms/js/ui.datepicker.packed.js | 404 Not Found Content-Length: 247 Content-Type: text/html | clean |
http://meblenems.com.pl/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://meblenems.com.pl/components/com_ckforms/js/formcheck.js | 200 OK Content-Length: 30405 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: meblenems.com.pl
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Thu, 21 Aug 2014 08:31:18 GMT
Pragma: no-cache
ETag: 6666cd76f96956469e7be39d750cc7d9
Server: Apache
Content-Type: text/html
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 21 Aug 2014 08:31:20 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 9f5ee57dc1809c7d34dea299c9c5bda1=244814e828750dc3a1ea90a34d6fc887; path=/
Set-Cookie: info_test=1
X-Powered-By: PHP/5.2.6-1+lenny13
Second query (visit from search engine):
GET / HTTP/1.1
Host: meblenems.com.pl
Referer: http://www.google.com/search?q=meblenems.com.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=meblenems.com.pl
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://meblenems.com.pl/
Result: meblenems.com.pl is not infected or malware details are not published yet.