Scanned pages/files
Request | Server response | Status |
http://sprucenola.com/ | 200 OK Content-Length: 27075 Content-Type: text/html | clean |
https://sprucenola.com/site/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/jj-nextgen-jquery-slider/script/jquery.nivo.slider.pack.js?ver=2.4 | 200 OK Content-Length: 15919 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/jj-nextgen-jquery-slider/script/jquery.jj_ngg_shuffle.js?ver=3.4 | 200 OK Content-Length: 405 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/jj-nextgen-jquery-slider/script/jjnggutils.js?ver=3.4 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/auto-thickbox-plus/thickbox.min.js?ver=1.6 | 200 OK Content-Length: 24884 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery(document).ready(function(){"string"!=typeof tb_pathToImage&&(tb_pathToImage=thickboxL10n.loadingAnimation);"string"!=typeof tb_closeImage&&(tb_closeImage=thickboxL10n.closeImage)}); var tb_options={auto_resize:!0,click_img:"close",click_end:"loop",click_bg:"close",wheel_img:"prev_next",keys_close:[27,13],keys_prev:[188,37],keys_next:[190,39],keys_first:[36],keys_last:[35],move_img:!1,move_content:!1,resize_img:!1,resize_content:!1,position_title:"top",position_cap:"bot function tb_hover(a,c,b){!b&&"visible"!=a.css("visibility")&&a.css({visibility:"visible",display:"none"});switch(c){case "zoom":b?a.hide(tb_options.effect_speed):a.show(tb_options.effect_speed);break;case "slide":b?a.slideUp(tb_options.effect_speed):a.slideDown(tb_options.effect_speed);break;case "fade":b?a.fadeOut(tb_options.effect_speed):a.fadeIn(tb_options.effect_speed)}}; Antivirus reports:
| ||
https://sprucenola.com/site/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1791 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/themes/spruce/js/tabs.js?ver=3.4 | 200 OK Content-Length: 526 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/themes/spruce/js/validate.js?ver=3.4 | 200 OK Content-Length: 38269 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/themes/spruce/js/myjquery.js?ver=3.4 | 200 OK Content-Length: 2023 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/contact-form-7/includes/js/jquery.form.js?ver=3.09 | 200 OK Content-Length: 14238 Content-Type: application/javascript | clean |
https://sprucenola.com/site/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.2 | 200 OK Content-Length: 6630 Content-Type: application/javascript | clean |
https://sprucenola.com/ | 200 OK Content-Length: 27036 Content-Type: text/html | clean |
https://sprucenola.com/shop/secure/login.php?m=client_login | 200 OK Content-Length: 11972 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sprucenola.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 06 Jun 2014 15:47:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: https://sprucenola.com/site/xmlrpc.php
GET / HTTP/1.1
Host: sprucenola.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 06 Jun 2014 15:47:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: https://sprucenola.com/site/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: sprucenola.com
Referer: http://www.google.com/search?q=sprucenola.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sprucenola.com
Referer: http://www.google.com/search?q=sprucenola.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sprucenola.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sprucenola.com/
Result: sprucenola.com is not infected or malware details are not published yet.
Result: sprucenola.com is not infected or malware details are not published yet.