New scan:

Malware Scanner report for workandtravel.gotop100.com

Malicious/Suspicious/Total urls checked
1/0/17
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://workandtravel.gotop100.com/
200 OK
Content-Length: 15707
Content-Type: text/html
clean
http://s7.addthis.com/js/250/addthis_widget.js
200 OK
Content-Length: 262368
Content-Type: text/javascript
clean
http://workandtravel.gotop100.com/members/signup.php
200 OK
Content-Length: 14257
Content-Type: text/html
clean
http://workandtravel.gotop100.com/members/
200 OK
Content-Length: 7810
Content-Type: text/html
clean
http://workandtravel.gotop100.com/members/forgot_pw.php
200 OK
Content-Length: 1719
Content-Type: text/html
clean
http://workandtravel.gotop100.com/members/index.php
200 OK
Content-Length: 7810
Content-Type: text/html
clean
http://workandtravel.gotop100.com/test404page.js
404 Not Found
Content-Length: 570
Content-Type: text/html
clean
http://workandtravel.gotop100.com/members
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 18 Nov 2015 19:43:49 GMT
Location: http://workandtravel.gotop100.com/members/
Server: nginx/1.0.9
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1
clean
http://workandtravel.gotop100.com/out.php?id=103
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 18 Nov 2015 19:43:50 GMT
Pragma: no-cache
Server: nginx/1.0.9
Vary: Accept-Encoding,User-Agent
Content-Length: 359
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=46c51e78ffd7b57683b601f86cfac46b; path=/
X-Powered-By: PHP/5.3.28
clean
http://abcinternational.md/lucru-in-europa/
200 OK
Content-Length: 51486
Content-Type: text/html
clean
http://abcinternational.md/wp-includes/js/jquery/jquery.js
200 OK
Content-Length: 95977
Content-Type: application/javascript
clean
http://abcinternational.md/wp-includes/js/jquery/jquery-migrate.min.js
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://abcinternational.md/wp-content/plugins/photo-gallery/js/bwg_frontend.js
200 OK
Content-Length: 6299
Content-Type: application/javascript
clean
http://abcinternational.md/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js
200 OK
Content-Length: 10215
Content-Type: application/javascript
clean
http://abcinternational.md/wp-content/plugins/photo-gallery/js/jquery.mobile.js
200 OK
Content-Length: 6419
Content-Type: application/javascript
clean
http://abcinternational.md/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js
200 OK
Content-Length: 25171
Content-Type: application/javascript
clean
http://abcinternational.md/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js
200 OK
Content-Length: 7583
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

;(function($) {
function defined(a) {
return typeof a !== 'undefined';
}
function extend(child, parent, prototype) {
var F = function() {};
F.prototype = parent.prototype;
child.prototype = new F();
child.prototype.constructor = child;
parent.prototype.constructor = parent;
child._super = parent.prototype;
if (prototype) {
$.extend(child.prototype, prototype);
}
}
var SUBST = [
['', ''],
... 3601 bytes are skipped ...
,
element: function() {
return this.__isFullScreen ? this._fullScreenElement : null;
}
});$.fullscreen = IS_NATIVELY_SUPPORTED
? new FullScreenNative()
: new FullScreenFallback();
$.fn.fullscreen = function(options) {
var elem = this[0];
options = $.extend({
toggleClass: null,
}, options);
options.styles = {
};

if (elem) {
$.fullscreen.open(elem, options);
}
return this;
};
})(jQuery);

Antivirus reports:

Emsisoft
Trojan.Generic.1389340 (B)


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: workandtravel.gotop100.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 18 Nov 2015 19:43:44 GMT
Server: nginx/1.0.9
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: workandtravel.gotop100.com
Referer: http://www.google.com/search?q=workandtravel.gotop100.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=workandtravel.gotop100.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://workandtravel.gotop100.com/

Result: workandtravel.gotop100.com is not infected or malware details are not published yet.