Scanned pages/files
Request | Server response | Status |
http://cool-servers.my1.ru/ | 200 OK Content-Length: 140944 Content-Type: text/html | clean |
http://cool-servers.my1.ru/css/dtree.js | 200 OK Content-Length: 13397 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Node(id, pid, name, url, title, target, icon, iconOpen, open) { this.id = id; this.pid = pid; this.name = name; this.url = url; this.title = title; this.target = target; this.icon = icon; this.iconOpen = iconOpen; this._io = open || false; this._is = false; this._ls = false; this._hc = false; this._ai = 0; this._p; }; function dTree(objName, path) { this.config = { target: null, folderLinks: tru Antivirus reports:
| ||
http://cool-servers.my1.ru/jquery.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://cool-servers.my1.ru/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://cool-servers.my1.ru/effects.core.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://s106.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s106.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s106.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cool-servers.my1.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Mon, 26 Oct 2015 12:52:42 GMT
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: text/html; charset=UTF-8
Set-Cookie: 5cool-serversuCoz=; path=/; expires=Sat, 26-Oct-2013 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: 5cool-serversuzll=1445863962; path=/; expires=Tue, 25-Oct-2016 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: 5cool-serversuCoz=; path=/; expires=Sat, 26-Oct-2013 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: ucvid=tCjNJ2yl0c; domain=my1.ru; path=/; expires=Tue, 25-Oct-2016 12:52:42 GMT
GET / HTTP/1.1
Host: cool-servers.my1.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Mon, 26 Oct 2015 12:52:42 GMT
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: text/html; charset=UTF-8
Set-Cookie: 5cool-serversuCoz=; path=/; expires=Sat, 26-Oct-2013 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: 5cool-serversuzll=1445863962; path=/; expires=Tue, 25-Oct-2016 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: 5cool-serversuCoz=; path=/; expires=Sat, 26-Oct-2013 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: ucvid=tCjNJ2yl0c; domain=my1.ru; path=/; expires=Tue, 25-Oct-2016 12:52:42 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: cool-servers.my1.ru
Referer: http://www.google.com/search?q=cool-servers.my1.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cool-servers.my1.ru
Referer: http://www.google.com/search?q=cool-servers.my1.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cool-servers.my1.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cool-servers.my1.ru/
Result: cool-servers.my1.ru is not infected or malware details are not published yet.
Result: cool-servers.my1.ru is not infected or malware details are not published yet.