Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=evoltur.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://evoltur.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://evoltur.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: evoltur.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Wed, 02 Jul 2014 06:04:09 GMT Location: http://tinyurl.com/a4ak6x9 Server: nginx Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://tinyurl.com/a4ak6x9 (imitation of visitor from search engine) GET /a4ak6x9 HTTP/1.1 Host: tinyurl.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 02 Jul 2014 06:04:09 GMT Location: http://www.tic-d.com/libraries/pear/tar/4.php Server: TinyURL/1.6 Content-Length: 0 Content-Type: text/html Set-Cookie: tinyUUID=3b3a0f1b60b44e9e0be2c8b1; expires=Thu, 02-Jul-2015 06:04:28 GMT; path=/; domain=.tinyurl.com X-Tiny: cache 0.012324094772339 | malicious |
Scanned pages/files
Request | Server response | Status |
http://evoltur.com/ | 200 OK Content-Length: 23492 Content-Type: text/html | clean |
http://evoltur.com/media/system/js/modal.js | 200 OK Content-Length: 15455 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var SqueezeBox = { presets: { size: {x: 600, y: 450}, sizeLoading: {x: 200, y: 150}, marginInner: {x: 20, y: 20}, marginImage: {x: 150, y: 200}, handler: false, adopt: null, closeWithOverlay: true, zIndex: 65555, overlayOpacity: 0.7, classWindow: '', classOverlay: '', disableFx: false, onOpen: Class.empty, onClose: Class.empty, onUpdate: Class.empty, onResize: Class.empty, onMove: Class.emp Antivirus reports:
| ||
http://evoltur.com/components/com_k2/js/k2.js | 200 OK Content-Length: 7944 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window.addEvent('domready', function(){ if($('comment-form')) { $('comment-form').addEvent('submit', function(e){ new Event(e).stop(); $('formLog').empty().addClass('formLogLoading'); this.send({ onComplete: function(res){ $('formLog').removeClass('formLogLoading').setHTML(res); if(typeof(Recaptcha) != "undefined"){ Recaptcha.reload(); } if (res.substr(13, 7) == 'success') Antivirus reports:
| ||
http://evoltur.com/plugins/search/jak2_filter/script.js | 200 OK Content-Length: 12757 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function load_jak2_filter(html,inline_label) { var areas = $$('input[name^=areas] '); var other_group =[]; var ja_group =[]; var jak2_input =null; var eja_group = new Element('div', {id: 'ja_group'}); var eother_group = new Element('div', {id: 'other_options'}); var plg_ja_filterform = new Element('div', {id: 'plg_ja_filterform'}); areas.each(function (input) { if(input.type=='checkbox') { if(inpu Antivirus reports:
| ||
http://evoltur.com/templates/ja_beryl2/js/ja.script.js | 200 OK Content-Length: 18912 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function switchFontSize (ckname,val){ var bd = $E('body'); switch (val) { case 'inc': if (CurrentFontSize+1 < 7) { bd.removeClass('fs'+CurrentFontSize); CurrentFontSize++; bd.addClass('fs'+CurrentFontSize); } break; case 'dec': if (CurrentFontSize-1 > 0) { bd.removeClass('fs'+CurrentFontSize); CurrentFontSize--; bd.addClass('fs'+CurrentFontSize); } break; default Antivirus reports:
| ||
http://evoltur.com/templates/ja_beryl2/ja_menus/ja_cssmenu/ja.cssmenu.js | 200 OK Content-Length: 6232 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) sfHover = function() { var sfEls = document.getElementById("ja-cssmenu").getElementsByTagName("li"); for (var i=0; i<sfEls.length; ++i) { sfEls[i].onmouseover=function() { clearTimeout(this.timer); if(this.className.indexOf("sfhover") == -1) this.className+="sfhover"; } sfEls[i].onmouseout=function() { this.timer = setTimeout(sfHoverOut.bind(this), 20); } } } function sfHoverOut() { Antivirus reports:
| ||
http://evoltur.com/modules/mod_up/js/jquery.js | 200 OK Content-Length: 62121 Content-Type: application/x-javascript | clean |
http://evoltur.com/index.php/bronirovanie.html?view=rsform | 200 OK Content-Length: 25494 Content-Type: text/html | clean |
http://evoltur.com/components/com_rsform/assets/js/script.js | 200 OK Content-Length: 9409 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function refreshCaptcha(componentId, captchaPath)
{ if(!captchaPath) captchaPath = 'index.php?option=com_rsform&task=captcha&componentId=' + componentId; document.getElementById('captcha' + componentId).src = captchaPath + '&' + Math.random(); document.getElementById('captchaTxt' + componentId).value=''; document.getElementById('captchaTxt' + componentId).focus(); } function number_format(number, decimals, dec_point, thousands_sep) { Antivirus reports:
| ||
http://evoltur.com/components/com_rsform/assets/calendar/cal.js | 200 OK Content-Length: 117742 Content-Type: application/x-javascript | clean |
http://evoltur.com/index.php/bronirovanie.html | 200 OK Content-Length: 25482 Content-Type: text/html | clean |
http://evoltur.com/index.php/novosti.html | 200 OK Content-Length: 18118 Content-Type: text/html | clean |
http://evoltur.com/media/system/js/caption.js | 200 OK Content-Length: 6830 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align = Antivirus reports:
| ||
http://evoltur.com/index.php/kontakty.html | 200 OK Content-Length: 19124 Content-Type: text/html | clean |
http://evoltur.com/index.php/obratnaia-sviaz.html?view=rsform | 200 OK Content-Length: 27639 Content-Type: text/html | clean |