New scan:

Malware Scanner report for crissanglefloatit.com

Malicious/Suspicious/Total urls checked
0/1/17
1 page has suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://crissanglefloatit.com/
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Sun, 16 Nov 2014 01:37:46 GMT
Age: 1
Location: http://crissangel.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
clean
http://crissangel.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 16 Nov 2014 01:37:47 GMT
Location: https://crissangel.com/
Server: Apache
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=5, max=99
Set-Cookie: X-Mapping-fjhppofk=94F9F76A8151DB17A0B7CF5D749F628B; path=/
clean
https://crissangel.com/
200 OK
Content-Length: 51245
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

...[457 bytes skipped]...
tener?f.addEventListener(r,s,false):f.attachEvent("on"+r,s);var ld=function(){function p(hd){
hd="head";return["<",hd,"></",hd,"><",i,' onl' + 'oad="var d=',g,";d.getElementsByTagName('head')[0].",j,"(d.",h,"('script')).",k,"='",l,"//",a.l,"'",'"',"></",i,">"].join("")}var i="body",m=d[i];if(!m){
return setTimeout(ld,100)}a.P(1);var j="appendChild",h="createElement",k="src",n=d[h]("div"),v=n[j](d[h](z)),b=d[h]("iframe"),g="document",e="domain",o;n.style.display="none";m.insertBefore(n,m.firstChild).id=z;b.frameBorder="0";b.id=z+"-loader";if(/MSIE[ ]+6/.test(navigator.userAgent)){
b.src="javascript:false"}b.allowTransparency="true";v[j](b);try{
b.contentWindow[g].open()}catch(w){
c[e]=d[e];o="javascript:var d="+g+".open();d.domain='"+d.domain+"';";b[k]=o+"void(0);"}try{
var t=b.contentWindow[g];t.write(p());t.close()}catch(x){
b[k]=o+'d.write("'+p().replace(/"/g,String.fromCharCo
...[290 bytes skipped]...

Decoded script:


function s() {
a.P(r);
f[z](r);
}

https://crissangel.com/js/my_igallery/jquery.js
200 OK
Content-Length: 94877
Content-Type: text/javascript
clean
https://crissangel.com/js/my_igallery/jquery.noconflict.js
200 OK
Content-Length: 20
Content-Type: text/javascript
clean
https://crissangel.com/js/prototype/prototype.min.js
200 OK
Content-Length: 163313
Content-Type: text/javascript
clean
https://crissangel.com/js/lib/ccard.js
200 OK
Content-Length: 747
Content-Type: text/javascript
clean
https://crissangel.com/js/prototype/validation.min.js
200 OK
Content-Length: 23216
Content-Type: text/javascript
clean
https://crissangel.com/js/scriptaculous/builder.js
200 OK
Content-Length: 3002
Content-Type: text/javascript
clean
https://crissangel.com/js/scriptaculous/effects.js
200 OK
Content-Length: 29714
Content-Type: text/javascript
clean
https://crissangel.com/js/scriptaculous/dragdrop.js
200 OK
Content-Length: 22920
Content-Type: text/javascript
clean
https://crissangel.com/js/scriptaculous/controls.js
200 OK
Content-Length: 23676
Content-Type: text/javascript
clean
https://crissangel.com/js/scriptaculous/slider.js
200 OK
Content-Length: 7697
Content-Type: text/javascript
clean
https://crissangel.com/js/varien/js.js
200 OK
Content-Length: 13365
Content-Type: text/javascript
clean
https://crissangel.com/js/varien/form.js
200 OK
Content-Length: 8329
Content-Type: text/javascript
clean
https://crissangel.com/js/varien/menu.js
200 OK
Content-Length: 1870
Content-Type: text/javascript
clean
https://crissangel.com/js/mage/translate.js
200 OK
Content-Length: 1597
Content-Type: text/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: crissanglefloatit.com

Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Sun, 16 Nov 2014 01:37:46 GMT
Age: 1
Location: http://crissangel.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: crissanglefloatit.com
Referer: http://www.google.com/search?q=crissanglefloatit.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=crissanglefloatit.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://crissanglefloatit.com/

Result: crissanglefloatit.com is not infected or malware details are not published yet.