Scanned pages/files
Request | Server response | Status |
http://js-neman.ru/ | 200 OK Content-Length: 25704 Content-Type: text/html | clean |
http://js-neman.ru/lytebox.js | 200 OK Content-Length: 40818 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) Array.prototype.removeDuplicates = function () { for (var i = 1; i < this.length; i++) { if (this[i][0] == this[i-1][0]) { this.splice(i,1); } } }
Array.prototype.empty = function () { for (var i = 0; i <= this.length; i++) { this.shift(); } } String.prototype.trim = function () { return this.replace(/^\s+|\s+$/g, ''); } function LyteBox() { this.theme = 'grey'; this.hideFlash = true; this.outerBorder = true; this.resizeSpeed = 8; this.m Antivirus reports:
| ||
http://js-neman.ru/test404page.js | 404 Not Found Content-Length: 351 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: js-neman.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 13:47:19 GMT
Server: DataPalm/3.5
Content-Type: text/html
GET / HTTP/1.1
Host: js-neman.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 13:47:19 GMT
Server: DataPalm/3.5
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: js-neman.ru
Referer: http://www.google.com/search?q=js-neman.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: js-neman.ru
Referer: http://www.google.com/search?q=js-neman.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=js-neman.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://js-neman.ru/
Result: js-neman.ru is not infected or malware details are not published yet.
Result: js-neman.ru is not infected or malware details are not published yet.