Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eganservices.com
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://eganservices.com/ | 200 OK Content-Length: 7486 Content-Type: text/html | clean |
http://eganservices.com/media/system/js/caption.js | 200 OK Content-Length: 3549 Content-Type: application/javascript | malicious |
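Malicious code - confirmed by antiviruses (see below). The excerpt is truncated and shows only the start of the file, which reads as ordinary caption-handling library code; the flagged content is not visible in it, and the same is true of the other script excerpts in this table. Every script file served from the site in this scan is flagged while the HTML pages are reported clean, which would be consistent with code having been injected into each .js file, so each file should be compared against a known-good copy from its original package.
var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align =
Antivirus reports: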
| ||
http://eganservices.com/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 9815 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(!window.Silverlight)window.Silverlight={};Silverlight._silverlightCount=0;Silverlight.ua=null;Silverlight.available=false;Silverlight.fwlinkRoot="http://go.microsoft.com/fwlink/?LinkID=";Silverlight.detectUserAgent=function(){var a=window.navigator.userAgent;Silverlight.ua={OS:"Unsupported",Browser:"Unsupported"};if(a.indexOf("Windows NT")>=0)Silverlight.ua.OS="Windows";else if(a.indexOf("PPC Mac OS X")>=0)Silverlight.ua.OS="MacPPC";else if(a.indexOf("Intel Mac OS X")>=0)Silverlight. Antivirus reports:
| ||
http://eganservices.com/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 18198 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof jeroenwijering=="undefined"){var jeroenwijering=new Object();jeroenwijering.utils=new Object()}jeroenwijering.Player=function(B,C,A){this.configuration={backgroundcolor:"ffffff",file:"video.wmv",height:"260",image:"",backcolor:"FFFFFF",frontcolor:"000000",lightcolor:"000000",screencolor:"000000",width:"320",logo:"",overstretch:"false",showicons:"true",shownavigation:"true",showstop:"false",showdigits:"true",usefullscreen:"true",usemute:"false",autostart:"false",bufferlength:"3",duratio Antivirus reports:
| ||
http://eganservices.com/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 13976 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var swfobject=function(){var UNDEF="undefined",OBJECT="object",SHOCKWAVE_FLASH="Shockwave Flash",SHOCKWAVE_FLASH_AX="ShockwaveFlash.ShockwaveFlash",FLASH_MIME_TYPE="application/x-shockwave-flash",EXPRESS_INSTALL_ID="SWFObjectExprInst",win=window,doc=document,nav=navigator,domLoadFnArr=[],regObjArr=[],timer=null,storedAltContent=null,storedAltContentId=null,isDomLoaded=false,isExpressInstallActive=false;var ua=function(){var w3cdom=typeof doc.getElementById!=UNDEF&&typeof doc.getElementsB Antivirus reports:
| ||
http://eganservices.com/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 4081 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof (allvideos)=="undefined"){var allvideos=new Object();allvideos.APIs=new Array()}function getUpdate(D,C,B,A){if(A=="null"){return }allvideos.APIs.each(function(E){if(E._pid==A){E._plCB(D,C,B)}})}allvideos.API=function(B){var A=null;allvideos.APIs.each(function(C){if(C._pid==B){A=C}});if(A!=null){return A}this._pid=B;this._player=null;this._item=null;this._load=null;this._width=null;this._height=null;this._state=null;this._elapsed=null;this._remaining=null;this._volume=null;this._plCB=fu Antivirus reports:
| ||
http://eganservices.com/templates/eganservices_corporate_beta/script.js | 200 OK Content-Length: 16145 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var artEventHelper = { 'bind': function(obj, evt, fn) { if (obj.addEventListener) obj.addEventListener(evt, fn, false); else if (obj.attachEvent) obj.attachEvent('on' + evt, fn); else obj['on' + evt] = fn; } }; var artUserAgent = navigator.userAgent.toLowerCase(); var artBrowser = { version: (artUserAgent.match(/.+(?:rv|it|ra|ie)[\/: ]([\d.]+)/) || [])[1], safari: /webkit/.test Antivirus reports:
| ||
http://eganservices.com/index.php/homepagelink.html | 200 OK Content-Length: 7517 Content-Type: text/html | clean |
http://eganservices.com/index.php/websiteserviceslink.html | 200 OK Content-Length: 8482 Content-Type: text/html | clean |
http://eganservices.com/index.php/techservicesandsupportlink.html | 200 OK Content-Length: 6393 Content-Type: text/html | clean |
http://eganservices.com/index.php/backupandrecoverylink.html | 200 OK Content-Length: 6859 Content-Type: text/html | clean |
http://eganservices.com/index.php/dataprivacyandsecuritylink.html | 200 OK Content-Length: 6520 Content-Type: text/html | clean |
http://eganservices.com/index.php/contactmelink.html | 200 OK Content-Length: 7806 Content-Type: text/html | clean |
http://eganservices.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eganservices.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Sep 2014 18:18:36 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 29 Sep 2014 18:18:38 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 82200416bcf37661641308cdc3d34eeb=8e94b6caa5cb89df55faa43d8ad426d0; path=/
GET / HTTP/1.1
Host: eganservices.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Sep 2014 18:18:36 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 29 Sep 2014 18:18:38 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 82200416bcf37661641308cdc3d34eeb=8e94b6caa5cb89df55faa43d8ad426d0; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: eganservices.com
Referer: http://www.google.com/search?q=eganservices.com
Result:
The result is similar to the first query; no suspicious redirects were found.
GET / HTTP/1.1
Host: eganservices.com
Referer: http://www.google.com/search?q=eganservices.com
Result:
The result is similar to the first query; no suspicious redirects were found.