Scanned pages/files
Request | Server response | Status |
http://instrument.ru/ | 200 OK Content-Length: 86927 Content-Type: text/html | clean |
http://instrument.ru/scripts/jquery.js?1397560844 | 200 OK Content-Length: 94840 Content-Type: application/x-javascript | clean |
http://instrument.ru/tao/scripts/tao.js?1421412384 | 200 OK Content-Length: 5836 Content-Type: application/x-javascript | clean |
http://instrument.ru/scripts/jcarousel.js?1390548159 | 200 OK Content-Length: 17169 Content-Type: application/x-javascript | clean |
http://instrument.ru/scripts/copy/app/components/Shop/app/scripts/session/add-to-cart-simple.js?1416560962 | 200 OK Content-Length: 1604 Content-Type: application/x-javascript | clean |
http://instrument.ru/scripts/jquery.Sanday.js?1422535500 | 200 OK Content-Length: 1096 Content-Type: application/x-javascript | clean |
http://instrument.ru/scripts/common.js?1422535500 | 200 OK Content-Length: 10306 Content-Type: application/x-javascript | clean |
http://instrument.ru/scripts/main.js?1418022130 | 200 OK Content-Length: 3656 Content-Type: application/x-javascript | clean |
http://instrument.ru/scripts/filter_facets.js?1411629218 | 200 OK Content-Length: 2223 Content-Type: application/x-javascript | clean |
http://vk.com/js/api/share.js?90 | 200 OK Content-Length: 10156 Content-Type: application/x-javascript | clean |
http://instrument.ru/users/login/ | 200 OK Content-Length: 28182 Content-Type: text/html | clean |
http://instrument.ru/shop/cart/ | HTTP/1.1 302 FOUND Connection: close Date: Tue, 31 Mar 2015 12:50:10 GMT Location: /users/login/ Server: nginx/1.2.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: city_id=deleted; expires=Mon, 31-Mar-2014 12:50:09 GMT; path=/ X-Powered-By: PHP/5.3.3-7+squeeze19 X-Powered-CMS: Techart CMS 2.1.70 | clean |
http://instrument.ru/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://instrument.ru/about/ | 200 OK Content-Length: 35044 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
$(".youtube").colorbox({iframe:true, innerWidth:640, innerHeight:390});
Antivirus reports:
http://instrument.ru/scripts/colorbox/jquery.colorbox-min.js?1402029275 | 200 OK Content-Length: 11803 Content-Type: application/x-javascript | clean |
http://instrument.ru/catalog/ | 200 OK Content-Length: 54207 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: instrument.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 31 Mar 2015 12:50:07 GMT
Pragma: no-cache
Server: nginx/1.2.9
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: city_id=deleted; expires=Mon, 31-Mar-2014 12:50:05 GMT; path=/
Set-Cookie: PHPSESSID=3v9g0j7icg0ivkcbbgd8qjaik7; path=/
X-Powered-By: PHP/5.3.3-7+squeeze19
X-Powered-CMS: Techart CMS 2.1.70
Second query (visit from search engine):
GET / HTTP/1.1
Host: instrument.ru
Referer: http://www.google.com/search?q=instrument.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=instrument.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://instrument.ru/
Result: instrument.ru is not infected or malware details are not published yet.