Scanned pages/files
Request | Server response | Status |
http://akita-msk.ru/ | 200 OK Content-Length: 7298 Content-Type: text/html | clean |
http://akita-msk.ru/js/shadowbox/shadowbox-base.js | 200 OK Content-Length: 2192 Content-Type: application/javascript | clean |
http://akita-msk.ru/js/shadowbox/shadowbox.js | 200 OK Content-Length: 10252 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. (Heuristic match on a packed script: the only `iframe` reference visible in the decoded excerpt is the `ext.iframe` file-extension list in what appears to be the Shadowbox library's own configuration, so this flag alone does not establish an injected iframe. Compare the file against a known-good copy of the library and review the skipped bytes before concluding. The `/./`-prefixed rows below show the same Content-Length and excerpt, so they are the same file crawled under equivalent paths, not separate findings.) O="functioreturn;var ent.if(innsuppor){var plug html,te. dexOfcliisSL.ge=n(dow){options}else{documdeclayletPlug habox.st(trueurlsetSty(eHeightud-var amepatypeof galryua(falY==errYInt(.ngthounrobj.ent)toggNaanimacityidthwmpdenavigat:null,!=-1attrl k;,J:htZl,}RE.%J)imelitp://w:{n:displashf4momQuickT¢Strict,10)s_} ors.filrSafarihand ...[3608 bytes skipped]... Decoded script: ...[699 bytes skipped]... fla:{name:"Flash",url:"http://www.adobe.com/products/flashplayer/"},qt:{name:"QuickTime",url:"http://www.apple.com/quicktime/download/"},wmp:{name:"Windows Media Player",url:"http://www.microsoft.com/windows/windowsmedia/"},f4m:{name:"Flip4Mac",url:"http://www.flip4mac.com/wmv_download.htm"}},ext:{img:["png","jpg","jpeg","gif","bmp"],swf:["swf"],flv:["flv"],qt:["dv","mov","moov","movie","mp4"],wmp:["asf","wm","wmv"],qtwmp:["avi","mpg","mpeg"],iframe:["asp","aspx","cgi","cfm","htm","html","pl","php","php3","php4","php5","phtml","rb","rhtml","shtml","txt","vbs"]}};var SB=Shadowbox;var SL=SB.lib;var default_options;var RE={domain:/:\/\/(.*?)[:\/]/,inline:/#(.+)$/,rel:/^(light|shadow)box/i,gallery:/^(light|shadow)box\[(.*?)\]/i,unsupported:/^unsupported-(\w+)/,param:/\s*([a-z_]*?)\s*=\s*(.+)\s*/,empty:/^(?:br|frame|hr|img|input|link|meta|range|spacer|wbr|area|param|col)$/i};var cache=[];var gallery;var current;var content;var content ...[42327 bytes skipped]... | ||
http://akita-msk.ru/./ | 200 OK Content-Length: 7298 Content-Type: text/html | clean |
http://akita-msk.ru/./js/shadowbox/shadowbox-base.js | 200 OK Content-Length: 2192 Content-Type: application/javascript | clean |
http://akita-msk.ru/./js/shadowbox/shadowbox.js | 200 OK Content-Length: 10252 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. O="functioreturn;var ent.if(innsuppor){var plug html,te. dexOfcliisSL.ge=n(dow){options}else{documdeclayletPlug habox.st(trueurlsetSty(eHeightud-var amepatypeof galryua(falY==errYInt(.ngthounrobj.ent)toggNaanimacityidthwmpdenavigat:null,!=-1attrl k;,J:htZl,}RE.%J)imelitp://w:{n:displashf4momQuickT¢Strict,10)s_} ors.filrSafarihand ...[3608 bytes skipped]... Decoded script: ...[699 bytes skipped]... fla:{name:"Flash",url:"http://www.adobe.com/products/flashplayer/"},qt:{name:"QuickTime",url:"http://www.apple.com/quicktime/download/"},wmp:{name:"Windows Media Player",url:"http://www.microsoft.com/windows/windowsmedia/"},f4m:{name:"Flip4Mac",url:"http://www.flip4mac.com/wmv_download.htm"}},ext:{img:["png","jpg","jpeg","gif","bmp"],swf:["swf"],flv:["flv"],qt:["dv","mov","moov","movie","mp4"],wmp:["asf","wm","wmv"],qtwmp:["avi","mpg","mpeg"],iframe:["asp","aspx","cgi","cfm","htm","html","pl","php","php3","php4","php5","phtml","rb","rhtml","shtml","txt","vbs"]}};var SB=Shadowbox;var SL=SB.lib;var default_options;var RE={domain:/:\/\/(.*?)[:\/]/,inline:/#(.+)$/,rel:/^(light|shadow)box/i,gallery:/^(light|shadow)box\[(.*?)\]/i,unsupported:/^unsupported-(\w+)/,param:/\s*([a-z_]*?)\s*=\s*(.+)\s*/,empty:/^(?:br|frame|hr|img|input|link|meta|range|spacer|wbr|area|param|col)$/i};var cache=[];var gallery;var current;var content;var content ...[42327 bytes skipped]... | ||
http://akita-msk.ru/././ | 200 OK Content-Length: 7298 Content-Type: text/html | clean |
http://akita-msk.ru/././js/shadowbox/shadowbox-base.js | 200 OK Content-Length: 2192 Content-Type: application/javascript | clean |
http://akita-msk.ru/././js/shadowbox/shadowbox.js | 200 OK Content-Length: 10252 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. O="functioreturn;var ent.if(innsuppor){var plug html,te. dexOfcliisSL.ge=n(dow){options}else{documdeclayletPlug habox.st(trueurlsetSty(eHeightud-var amepatypeof galryua(falY==errYInt(.ngthounrobj.ent)toggNaanimacityidthwmpdenavigat:null,!=-1attrl k;,J:htZl,}RE.%J)imelitp://w:{n:displashf4momQuickT¢Strict,10)s_} ors.filrSafarihand ...[3608 bytes skipped]... Decoded script: ...[699 bytes skipped]... fla:{name:"Flash",url:"http://www.adobe.com/products/flashplayer/"},qt:{name:"QuickTime",url:"http://www.apple.com/quicktime/download/"},wmp:{name:"Windows Media Player",url:"http://www.microsoft.com/windows/windowsmedia/"},f4m:{name:"Flip4Mac",url:"http://www.flip4mac.com/wmv_download.htm"}},ext:{img:["png","jpg","jpeg","gif","bmp"],swf:["swf"],flv:["flv"],qt:["dv","mov","moov","movie","mp4"],wmp:["asf","wm","wmv"],qtwmp:["avi","mpg","mpeg"],iframe:["asp","aspx","cgi","cfm","htm","html","pl","php","php3","php4","php5","phtml","rb","rhtml","shtml","txt","vbs"]}};var SB=Shadowbox;var SL=SB.lib;var default_options;var RE={domain:/:\/\/(.*?)[:\/]/,inline:/#(.+)$/,rel:/^(light|shadow)box/i,gallery:/^(light|shadow)box\[(.*?)\]/i,unsupported:/^unsupported-(\w+)/,param:/\s*([a-z_]*?)\s*=\s*(.+)\s*/,empty:/^(?:br|frame|hr|img|input|link|meta|range|spacer|wbr|area|param|col)$/i};var cache=[];var gallery;var current;var content;var content ...[42327 bytes skipped]... | ||
http://akita-msk.ru/./././ | 200 OK Content-Length: 7298 Content-Type: text/html | clean |
http://akita-msk.ru/./././js/shadowbox/shadowbox-base.js | 200 OK Content-Length: 2192 Content-Type: application/javascript | clean |
http://akita-msk.ru/./././js/shadowbox/shadowbox.js | 200 OK Content-Length: 10252 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. O="functioreturn;var ent.if(innsuppor){var plug html,te. dexOfcliisSL.ge=n(dow){options}else{documdeclayletPlug habox.st(trueurlsetSty(eHeightud-var amepatypeof galryua(falY==errYInt(.ngthounrobj.ent)toggNaanimacityidthwmpdenavigat:null,!=-1attrl k;,J:htZl,}RE.%J)imelitp://w:{n:displashf4momQuickT¢Strict,10)s_} ors.filrSafarihand ...[3608 bytes skipped]... Decoded script: ...[699 bytes skipped]... fla:{name:"Flash",url:"http://www.adobe.com/products/flashplayer/"},qt:{name:"QuickTime",url:"http://www.apple.com/quicktime/download/"},wmp:{name:"Windows Media Player",url:"http://www.microsoft.com/windows/windowsmedia/"},f4m:{name:"Flip4Mac",url:"http://www.flip4mac.com/wmv_download.htm"}},ext:{img:["png","jpg","jpeg","gif","bmp"],swf:["swf"],flv:["flv"],qt:["dv","mov","moov","movie","mp4"],wmp:["asf","wm","wmv"],qtwmp:["avi","mpg","mpeg"],iframe:["asp","aspx","cgi","cfm","htm","html","pl","php","php3","php4","php5","phtml","rb","rhtml","shtml","txt","vbs"]}};var SB=Shadowbox;var SL=SB.lib;var default_options;var RE={domain:/:\/\/(.*?)[:\/]/,inline:/#(.+)$/,rel:/^(light|shadow)box/i,gallery:/^(light|shadow)box\[(.*?)\]/i,unsupported:/^unsupported-(\w+)/,param:/\s*([a-z_]*?)\s*=\s*(.+)\s*/,empty:/^(?:br|frame|hr|img|input|link|meta|range|spacer|wbr|area|param|col)$/i};var cache=[];var gallery;var current;var content;var content ...[42327 bytes skipped]... | ||
http://akita-msk.ru/././././ | 200 OK Content-Length: 7298 Content-Type: text/html | clean |
http://akita-msk.ru/././././js/shadowbox/shadowbox-base.js | 200 OK Content-Length: 2192 Content-Type: application/javascript | clean |
http://akita-msk.ru/././././js/shadowbox/shadowbox.js | 200 OK Content-Length: 10252 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. O="functioreturn;var ent.if(innsuppor){var plug html,te. dexOfcliisSL.ge=n(dow){options}else{documdeclayletPlug habox.st(trueurlsetSty(eHeightud-var amepatypeof galryua(falY==errYInt(.ngthounrobj.ent)toggNaanimacityidthwmpdenavigat:null,!=-1attrl k;,J:htZl,}RE.%J)imelitp://w:{n:displashf4momQuickT¢Strict,10)s_} ors.filrSafarihand ...[3608 bytes skipped]... Decoded script: ...[699 bytes skipped]... fla:{name:"Flash",url:"http://www.adobe.com/products/flashplayer/"},qt:{name:"QuickTime",url:"http://www.apple.com/quicktime/download/"},wmp:{name:"Windows Media Player",url:"http://www.microsoft.com/windows/windowsmedia/"},f4m:{name:"Flip4Mac",url:"http://www.flip4mac.com/wmv_download.htm"}},ext:{img:["png","jpg","jpeg","gif","bmp"],swf:["swf"],flv:["flv"],qt:["dv","mov","moov","movie","mp4"],wmp:["asf","wm","wmv"],qtwmp:["avi","mpg","mpeg"],iframe:["asp","aspx","cgi","cfm","htm","html","pl","php","php3","php4","php5","phtml","rb","rhtml","shtml","txt","vbs"]}};var SB=Shadowbox;var SL=SB.lib;var default_options;var RE={domain:/:\/\/(.*?)[:\/]/,inline:/#(.+)$/,rel:/^(light|shadow)box/i,gallery:/^(light|shadow)box\[(.*?)\]/i,unsupported:/^unsupported-(\w+)/,param:/\s*([a-z_]*?)\s*=\s*(.+)\s*/,empty:/^(?:br|frame|hr|img|input|link|meta|range|spacer|wbr|area|param|col)$/i};var cache=[];var gallery;var current;var content;var content ...[42327 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: akita-msk.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 25 Nov 2014 03:29:15 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Length: 7298
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=dd1531056bafdd2b76afe066955ea873; path=/
...7298 bytes of data.
GET / HTTP/1.1
Host: akita-msk.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 25 Nov 2014 03:29:15 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Length: 7298
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=dd1531056bafdd2b76afe066955ea873; path=/
...7298 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: akita-msk.ru
Referer: http://www.google.com/search?q=akita-msk.ru
Result:
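The result is similar to the first query; no suspicious redirects were found. Only the Referer header differs between the two requests shown, so redirects conditioned on other request attributes (User-Agent, cookies, client IP) are not exercised by this check.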
GET / HTTP/1.1
Host: akita-msk.ru
Referer: http://www.google.com/search?q=akita-msk.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=akita-msk.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://akita-msk.ru/
Result: akita-msk.ru is not infected or malware details are not published yet.
Result: akita-msk.ru is not infected or malware details are not published yet.