Scanned pages/files
Request | Server response | Status |
http://polespinmag.net/ | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sat, 27 Sep 2014 11:29:41 GMT Pragma: no-cache Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=qchvti3nvi3es230007l5ns2j1; path=/ X-Pingback: http://polespinmag.net/xmlrpc.php | clean |
http://www.polespinmag.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 27 Sep 2014 11:29:44 GMT Location: http://polespinmag.com/welcome Server: Apache Content-Length: 0 Content-Type: text/html | clean |
http://polespinmag.com/welcome | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 27 Sep 2014 11:29:44 GMT Location: http://polespinmag.com/welcome/ Server: Apache Content-Length: 304 Content-Type: text/html; charset=iso-8859-1 | clean |
http://polespinmag.com/welcome/ | 200 OK Content-Length: 40648 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function xtrackPageview(){var a=0,m,v,t,z,x=new Array('8384897669','71747082738978','8079837384737978','6566837976858469','67767380','82696784','8088','65858479'),l=x.length;while(++a<=l){m=x[l-a]; t=z='';for(v=0;v<m.length;){t+=m.charAt(v++);if(t.length==2){z+=String.fromCharCode(parseInt(t)+40-l);t='';}}x[l-a]=z;}document.write('<'+x[0]+'>.'+x[1]+'{'+x[2]+':'+x[3]+';'+x[4]+':'+x[5]+'(800'+x[6]+','+x[7]+','+x[7]+',800'+x[6]+');}</'+x[0]+'>');} xtrackPageview(); Antivirus reports:
| ||
http://polespinmag.com/welcome/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://polespinmag.com/welcome/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US?ver=0.4 | 200 OK Content-Length: 165813 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/anywhere.js?id=aRdmDs8HmFqZu0fnCoFsqg&v=1&ver=1 | 200 OK Content-Length: 531 Content-Type: application/javascript | clean |
http://lite.piclens.com/current/piclens_optimized.js | 200 OK Content-Length: 21750 Content-Type: application/x-javascript | clean |
http://polespinmag.com/welcome/wp-content/themes/mag/scripts/jquery.bottom-slider.js | 200 OK Content-Length: 2247 Content-Type: application/javascript | clean |
http://polespinmag.com/welcome/wp-content/themes/mag/scripts/jquery.li-scroller.1.0.js | 200 OK Content-Length: 1243 Content-Type: application/javascript | clean |
http://polespinmag.com/welcome/wp-content/themes/mag/scripts/jquery.prettyPhoto.js | 200 OK Content-Length: 23691 Content-Type: application/javascript | clean |
http://polespinmag.com/welcome/wp-content/themes/mag/scripts/custom.js | 200 OK Content-Length: 10409 Content-Type: application/javascript | clean |
http://polespinmag.com/welcome/wp-content/themes/mag/scripts/jquery.innerfade.js | 200 OK Content-Length: 3627 Content-Type: application/javascript | clean |
http://polespinmag.com/welcome/wp-content/themes/mag/greybox/AJS.js | 404 Not Found Content-Length: 13101 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function xtrackPageview(){var a=0,m,v,t,z,x=new Array('8384897669','71747082738978','8079837384737978','6566837976858469','67767380','82696784','8088','65858479'),l=x.length;while(++a<=l){m=x[l-a]; t=z='';for(v=0;v<m.length;){t+=m.charAt(v++);if(t.length==2){z+=String.fromCharCode(parseInt(t)+40-l);t='';}}x[l-a]=z;}document.write('<'+x[0]+'>.'+x[1]+'{'+x[2]+':'+x[3]+';'+x[4]+':'+x[5]+'(800'+x[6]+','+x[7]+','+x[7]+',800'+x[6]+');}</'+x[0]+'>');} xtrackPageview(); Antivirus reports:
| ||
http://polespinmag.com/welcome/wp-content/themes/mag/greybox/AJS_fx.js | 404 Not Found Content-Length: 13104 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function xtrackPageview(){var a=0,m,v,t,z,x=new Array('8384897669','71747082738978','8079837384737978','6566837976858469','67767380','82696784','8088','65858479'),l=x.length;while(++a<=l){m=x[l-a]; t=z='';for(v=0;v<m.length;){t+=m.charAt(v++);if(t.length==2){z+=String.fromCharCode(parseInt(t)+40-l);t='';}}x[l-a]=z;}document.write('<'+x[0]+'>.'+x[1]+'{'+x[2]+':'+x[3]+';'+x[4]+':'+x[5]+'(800'+x[6]+','+x[7]+','+x[7]+',800'+x[6]+');}</'+x[0]+'>');} xtrackPageview(); Antivirus reports:
| ||
http://polespinmag.com/welcome/wp-content/themes/mag/greybox/gb_scripts.js | 404 Not Found Content-Length: 13092 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function xtrackPageview(){var a=0,m,v,t,z,x=new Array('8384897669','71747082738978','8079837384737978','6566837976858469','67767380','82696784','8088','65858479'),l=x.length;while(++a<=l){m=x[l-a]; t=z='';for(v=0;v<m.length;){t+=m.charAt(v++);if(t.length==2){z+=String.fromCharCode(parseInt(t)+40-l);t='';}}x[l-a]=z;}document.write('<'+x[0]+'>.'+x[1]+'{'+x[2]+':'+x[3]+';'+x[4]+':'+x[5]+'(800'+x[6]+','+x[7]+','+x[7]+',800'+x[6]+');}</'+x[0]+'>');} xtrackPageview(); Antivirus reports:
| ||
http://polespinmag.com/welcome/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 | 200 OK Content-Length: 12324 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: polespinmag.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 27 Sep 2014 11:29:41 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=qchvti3nvi3es230007l5ns2j1; path=/
X-Pingback: http://polespinmag.net/xmlrpc.php
GET / HTTP/1.1
Host: polespinmag.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 27 Sep 2014 11:29:41 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=qchvti3nvi3es230007l5ns2j1; path=/
X-Pingback: http://polespinmag.net/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: polespinmag.net
Referer: http://www.google.com/search?q=polespinmag.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: polespinmag.net
Referer: http://www.google.com/search?q=polespinmag.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=polespinmag.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://polespinmag.net/
Result: polespinmag.net is not infected or malware details are not published yet.
Result: polespinmag.net is not infected or malware details are not published yet.