Scanned pages/files
Request | Server response | Status |
http://grasia-award.com/ | 200 OK Content-Length: 71717 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
jQuery.noConflict(); jQuery(document).ready(function(){ jQuery('ul.pjtl li:nth-child(odd)').addClass('alternate'); jQuery("ul.pjtl li:last-child").addClass("last"); jQuery("ul.pjtl li:first-child").addClass("first"); });
Antivirus reports:
http://grasia-award.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://grasia-award.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://grasia-award.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://grasia-award.com/components/com_rsform/assets/js/script.js | 200 OK Content-Length: 11037 Content-Type: application/javascript | clean |
http://grasia-award.com//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js/ | 404 Категория не найдена Content-Length: 1950 Content-Type: text/html | clean |
http://grasia-award.com/index.php | 200 OK Content-Length: 72029 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
jQuery.noConflict(); jQuery(document).ready(function(){ jQuery('ul.pjtl li:nth-child(odd)').addClass('alternate'); jQuery("ul.pjtl li:last-child").addClass("last"); jQuery("ul.pjtl li:first-child").addClass("first"); });
Antivirus reports:
http://grasia-award.com/templates/pj_amenity_25/scripts/js/scripts_min.js | 200 OK Content-Length: 39085 Content-Type: application/javascript | clean |
http://grasia-award.com/templates/pj_amenity_25/scripts/js/jscolor/jscolor.js | 200 OK Content-Length: 26530 Content-Type: application/javascript | clean |
http://grasia-award.com/templates/pj_amenity_25/scripts/zoombox2/zoombox_min.js | 200 OK Content-Length: 10955 Content-Type: application/javascript | clean |
http://grasia-award.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://grasia-msk.ru/modules/mod_news_pro_gk4/interface/scripts/engine.js | 200 OK Content-Length: 8034 Content-Type: application/x-javascript | clean |
http://grasia-award.com/modules/mod_pj_newscarousel/scripts/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://grasia-award.com/modules/mod_pj_newscarousel/scripts/carousel_1.5_modified_min.js | 200 OK Content-Length: 6450 Content-Type: application/javascript | clean |
http://grasia-msk.ru/administrator/components/com_unitehcarousel/assets/fred-carousel/jquery.carouFredSel-5.6.2.js | 200 OK Content-Length: 76944 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: grasia-award.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: max-age=0
Connection: close
Date: Fri, 18 Apr 2014 10:19:10 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Fri, 18 Apr 2014 10:19:07 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 647c4936194a538573e95e5d042c165c=81655f1476c2ac96bb77480b5803201d; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: grasia-award.com
Referer: http://www.google.com/search?q=grasia-award.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=grasia-award.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://grasia-award.com/
Result: grasia-award.com is not infected or malware details are not published yet.