Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://poltv-over.net/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: poltv-over.net Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 07 Apr 2014 19:01:05 GMT Location: http://dachdeckerei-lauenburg.de/BlueIce/clk.php Server: Apache/2.0.64 (Unix) mod_ssl/2.0.64 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 432 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://poltv-over.net/ | 200 OK Content-Length: 31840 Content-Type: text/html | clean |
http://poltv-over.net/wp-content/themes/quickstart/prettyPhoto/js/jquery-1.4.4.min.js | 200 OK Content-Length: 78600 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/themes/quickstart/prettyPhoto/js/jquery.prettyPhoto.js | 200 OK Content-Length: 23508 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-image-tooltip/jquery.cluetip.js?ver=3.8.1 | 200 OK Content-Length: 23949 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.9.5.649230 | 200 OK Content-Length: 30065 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-e-commerce/wpsc-core/js/jquery.infieldlabel.min.js?ver=3.8.9.5.649230 | 200 OK Content-Length: 1787 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-e-commerce/wpsc-core/js/ajax.js?ver=3.8.9.5.649230 | 200 OK Content-Length: 2693 Content-Type: application/javascript | clean |
http://poltv-over.net/index.php?wpsc_user_dynamic_js=true&ver=3.8.9.5.649230 | 200 OK Content-Length: 986 Content-Type: text/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.9.5649230 | 200 OK Content-Length: 14672 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 14444 Content-Type: application/javascript | clean |
http://poltv-over.net/wp-content/themes/quickstart/inc/js/jquery.ui.js?ver=3.8.1 | 200 OK Content-Length: 45197 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(c,j){function k(a){return!c(a).parents().andSelf().filter(function(){return c.curCSS(this,"visibility")==="hidden"||c.expr.filters.hidden(this)}).length}c.ui=c.ui||{};if(!c.ui.version){c.extend(c.ui,{version:"1.8.4",plugin:{add:function(a,b,d){a=c.ui[a].prototype;for(var e in d){a.plugins[e]=a.plugins[e]||[];a.plugins[e].push([b,d[e]])}},call:function(a,b,d){if((b=a.plugins[b])&&a.element[0].parentNode)for(var e=0;e<b.length;e++)a.options[b[e][0]]&&b[e][1].apply(a.el b.dequeue()})})}})(jQuery); ; Antivirus reports:
| ||
http://poltv-over.net/wp-content/themes/quickstart/inc/js/jquery.cycle.all.js?ver=3.8.1 | 200 OK Content-Length: 31539 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=poltv-over.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://poltv-over.net/
Result: poltv-over.net is not infected or malware details are not published yet.
Result: poltv-over.net is not infected or malware details are not published yet.