See: htxp://preferredhotelrates.com/
SE visitors redirects
Visitors from search engines are redirected
to: htxp://opec.lflink.com/
opec.lflink.com is reported by Google as suspicious
7166 sites infected with redirects to this URL
Detection missed here:
http://www.websicherheit.at/web-security-test-scanner/Confirmed here:
http://sitecheck.sucuri.net/results/preferredhotelrates.com/ISSUE DETECTED DEFINITION INFECTED URL
Website Malware malware-entry-mwblacklisted35 htxp://preferredhotelrates.com/about-us
Web application version:
Joomla Version 1.5.18 - 1.5.26 for:
http://preferredhotelrates.com//media/system/js/caption.jsJoomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.20 or 3.3
Mentioned in this list:
http://johnpc.home.xs4all.nl/vulnerable_sites-ips.txtPotentially suspicious file:
plugins/content/plugin_jw_ts/tabs_slides_comp.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method write <code> __tmpvar652329893 = write; <code/>
Threat dump:
http://jsfiddle.net/pA3SS/Threat dump MD5: F04E022C0C9DA0CC04D2535F19F19EEC
File size[byte]: 5367
File type: ASCII
MD5: BE7C24CC472F71F680EC3371FEC7C320
Scan duration[sec]: 0.279000
polonus