Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://pomosty-ezdock.pl/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: pomosty-ezdock.pl Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 09 Feb 2015 12:19:04 GMT Location: http://henfra.vizvaz.com/ Server: IdeaWebServer/v0.80 Content-Length: 181 Content-Type: text/html | malicious |
Scanned pages/files
Request | Server response | Status |
http://pomosty-ezdock.pl/ | 200 OK Content-Length: 31760 Content-Type: text/html | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/warp/libraries/jquery/jquery.js | 200 OK Content-Length: 78592 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/warp/js/warp.js | 200 OK Content-Length: 7465 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/warp/js/accordionmenu.js | 200 OK Content-Length: 1490 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/warp/js/dropdownmenu.js | 200 OK Content-Length: 5701 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/warp/js/spotlight.js | 200 OK Content-Length: 2715 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/js/template.js | 200 OK Content-Length: 1071 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/templates/yoo_expo/warp/js/search.js | 200 OK Content-Length: 5461 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/modules/mod_altraswitcher/js/mootools.svn.js | 200 OK Content-Length: 190748 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var MooTools = { version: '1.11' }; function $defined(obj){ return (obj != undefined); }; function $type(obj){ if (!$defined(obj)) return false; if (obj.htmlElement) return 'element'; var type = typeof obj; if (type == 'object' && obj.nodeName){ switch(obj.nodeType){ case 1: return 'element'; case 3: return (/\S/).test(obj.nodeValue) ? 'textnode' : ' obj[i] = {}; var hide = (i != index) || (this.options.alwaysHide && (el.offsetHeight > 0)); this.fireEvent(hide ? 'onBackground' : 'onActive', [this.togglers[i], el]); for (var fx in this.effects) obj[i][fx] = hide ? 0 : el[this.effects[fx]]; }, this); return this.start(obj); }, showThisHideOpen: function(index){return this.display(index);} }); Fx.Accordion = Accordion;
Antivirus reports:
http://pomosty-ezdock.pl/modules/mod_altraswitcher/js/lofslidernews.mt11.js | 200 OK Content-Length: 8793 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/plugins/system/flowplayer_r/javascripts/flowplayer-3.2.4.min.js | 200 OK Content-Length: 15723 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/pobierz-katalog.html | 200 OK Content-Length: 25674 Content-Type: text/html | clean |
http://pomosty-ezdock.pl/modules/mod_jsn_imageshow_pro/jsn_imageshow_pro/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://pomosty-ezdock.pl/modules/mod_jsn_imageshow_pro/jsn_imageshow_pro/swfobject_addon.js | 200 OK Content-Length: 839 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pomosty-ezdock.pl
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pomosty-ezdock.pl/
Result: pomosty-ezdock.pl is not infected or malware details are not published yet.