Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ferrum-n.ru
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ferrum-n.ru/ | 200 OK Content-Length: 28540 Content-Type: text/html | clean |
http://ferrum-n.ru/highslide/highslide-with-html.js | 200 OK Content-Length: 62744 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
var hs = {
    graphicsDir : 'highslide/graphics/',
    restoreCursor : 'zoomout.cur',
    expandSteps : 10,
    expandDuration : 250,
    restoreSteps : 10,
    restoreDuration : 250,
    marginLeft : 15,
    marginRight : 15,
    marginTop : 15,
    marginBottom : 15,
    zIndexCounter : 1001,
    restoreTitle : 'Click to close image, click and drag to move. Use arrow keys for next and previous.',
    loadingText : 'Loading...',
    loadingTitle : 'Click to cancel',
    load } }
        hs.getElementByClass(this.content, 'DIV', 'highslide-body').innerHTML = s;
        this.onLoad();
        for (var x in this) this[x] = null;
    }
};
var HsExpander = hs.Expander;
hs.addEventListener(document, 'mousedown', hs.mouseClickHandler);
hs.addEventListener(document, 'mouseup', hs.mouseClickHandler);
hs.addEventListener(window, 'load', hs.preloadImages);
hs.addEventListener(window, 'load', hs.preloadAjax);
Antivirus reports:
http://ferrum-n.ru/js/functions.js?3 | 200 OK Content-Length: 5040 Content-Type: application/javascript | clean |
http://ferrum-n.ru/js/jquery.js?1 | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://ferrum-n.ru/js/jquery.form.js?1 | 200 OK Content-Length: 22463 Content-Type: application/javascript | clean |
http://ferrum-n.ru/js/jquery.jcarousel.js?1 | 200 OK Content-Length: 15128 Content-Type: application/javascript | clean |
http://ferrum-n.ru/js/AC_OETags.js | 200 OK Content-Length: 7826 Content-Type: application/javascript | clean |
http://ferrum-n.ru//mc.yandex.ru/metrika/watch.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 27 Jul 2014 16:19:42 GMT Location: http://ferrum-n.ru/ Server: nginx Content-Length: 313 Content-Type: text/html; charset=iso-8859-1 X-MJ-Serve-Req-Time: D=15721 usec X-MJ-Upstream-Addr: 10.10.0.33:81 | clean |
http://ferrum-n.ru/test404page.js | 404 Not Found Content-Length: 13412 Content-Type: text/html | clean |
http://ferrum-n.ru/map | 200 OK Content-Length: 16564 Content-Type: text/html | clean |
http://ferrum-n.ru/about | 200 OK Content-Length: 17959 Content-Type: text/html | clean |
http://ferrum-n.ru/produkt | 200 OK Content-Length: 14980 Content-Type: text/html | clean |
http://ferrum-n.ru/filial | 200 OK Content-Length: 15363 Content-Type: text/html | clean |
http://ferrum-n.ru/sotrudn | 200 OK Content-Length: 16960 Content-Type: text/html | clean |
http://ferrum-n.ru/lib/JsHttpRequest/JsHttpRequest.js | 200 OK Content-Length: 14684 Content-Type: application/javascript | clean |
http://ferrum-n.ru/js/func.js | 200 OK Content-Length: 3286 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ferrum-n.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Sun, 27 Jul 2014 16:19:39 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=windows-1251
X-MJ-Serve-Req-Time: D=48636 usec
X-MJ-Upstream-Addr: 10.10.0.33:81
X-Powered-By: PHP/5.3.20
Second query (visit from search engine):
GET / HTTP/1.1
Host: ferrum-n.ru
Referer: http://www.google.com/search?q=ferrum-n.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.