Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gold-forest.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://gold-forest.ru/ | 200 OK Content-Length: 24888 Content-Type: text/html | clean |
http://gold-forest.ru/templates/jv_dilo/js/jv.script.js.php | 200 OK Content-Length: 77946 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var MooTools={version:'1.11'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'||type=='function'){switch(obj.constructor){case Array:return'array';case RegExp:return'regexp';case Class:return'class';} if(typeof obj.le { if(!str || typeof str != 'string') return null; return str.replace(/^[\s]+/,'').replace(/[\s]+$/,'').replace(/[\s]{2,}/,' '); } function hide_nocontent(){ var title = $('jv-maincontent'); if (title) { var titlestring = "a" + trim(title.innerHTML); if (titlestring.length <= 15) { $('mdl-content').setStyle('display','none'); } } } window.addEvent('load', function(){ hide_nocontent(); }); Antivirus reports:
| ||
http://gold-forest.ru/plugins/system/jv_zoom/cloudzoom.js | 200 OK Content-Length: 5784 Content-Type: application/x-javascript | clean |
http://gold-forest.ru/modules/mod_jv_cu3er/assets/js/swfobject/swfobject.js | 200 OK Content-Length: 25560 Content-Type: application/x-javascript | clean |
http://gold-forest.ru/templates/jv_dilo/jv_menus/jv_moomenu/jv.moomenu.js | 200 OK Content-Length: 3127 Content-Type: application/x-javascript | clean |
http://srubizbrevna.site-dom.ru/adm-/jz6bchyb.php?id=3546475 | 404 Not Found Content-Length: 292 Content-Type: text/html | clean |
http://srubizbrevna.site-dom.ru/test404page.js | 404 Not Found Content-Length: 289 Content-Type: text/html | clean |
http://counter.rambler.ru/top100.jcn?2739645 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gold-forest.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 07 Mar 2015 20:16:16 GMT
Pragma: no-cache
Server: nginx/1.0.6
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 07 Mar 2015 20:16:16 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ab60f2e75ea1cfa639cdfc1306a98594=d1062f04489762581fe9cd01ee3237ec; path=/
Set-Cookie: jv_dilo_tpl=jv_dilo; expires=Thu, 25-Feb-2016 20:16:15 GMT; path=/
X-Powered-By: PHP/5.2.10
GET / HTTP/1.1
Host: gold-forest.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 07 Mar 2015 20:16:16 GMT
Pragma: no-cache
Server: nginx/1.0.6
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 07 Mar 2015 20:16:16 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ab60f2e75ea1cfa639cdfc1306a98594=d1062f04489762581fe9cd01ee3237ec; path=/
Set-Cookie: jv_dilo_tpl=jv_dilo; expires=Thu, 25-Feb-2016 20:16:15 GMT; path=/
X-Powered-By: PHP/5.2.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: gold-forest.ru
Referer: http://www.google.com/search?q=gold-forest.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gold-forest.ru
Referer: http://www.google.com/search?q=gold-forest.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.