Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=msp-world.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://msp-world.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://msp-world.ru/ | 200 OK Content-Length: 26687 Content-Type: text/html | clean |
http://msp-world.ru/template/common/js/jquery.min.js | 200 OK Content-Length: 82668 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 e&&e.document?e.document.compatMode==="CSS1Compat"&&e.document.documentElement["client"+b]||e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===w?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});A.jQuery=A.$=c})(window); Antivirus reports:
| ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21412 Content-Type: text/javascript | clean |
http://msp-world.ru/feedback.html | 200 OK Content-Length: 8967 Content-Type: text/html | clean |
http://msp-world.ru/template/common/js/jquery.validate.js | 200 OK Content-Length: 47627 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 } }; function handler(e) { e = $.event.fix(e); e.type = fix; return $.event.handle.call(this, e); } }); }; $.extend($.fn, { validateDelegate: function(delegate, type, handler) { return this.bind(type, function(event) { var target = $(event.target); if (target.is(delegate)) { return handler.apply(target, arguments); } }); } }); })(jQuery); Antivirus reports:
| ||
http://msp-world.ru/template/common/js/messages_ru.js | 200 OK Content-Length: 12457 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 range: jQuery.validator.format("ÐожалÑйÑÑа, введиÑе ÑиÑло Ð¾Ñ {0} до {1}."), max: jQuery.validator.format("ÐожалÑйÑÑа, введиÑе ÑиÑло, менÑÑее или Ñавное {0}."), min: jQuery.validator.format("ÐожалÑйÑÑа, введиÑе ÑиÑло, болÑÑее или Ñавное {0}.") }); Antivirus reports:
| ||
http://msp-world.ru/template/common/js/feedback.validate.js | 200 OK Content-Length: 10967 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function barashkalo(){ var jungleobra = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/1 rules: { name: { required: true }, message: { required: true }, email: { onkeyup: false, required: true, email: true }, captcha: { required: true, remote: "/template/common/captcha/process.php", onkeyup: false } } }); }); Antivirus reports:
| ||
http://msp-world.ru/sitemap.html | 200 OK Content-Length: 52793 Content-Type: text/html | clean |
http://msp-world.ru/imeniny | 200 OK Content-Length: 28481 Content-Type: text/html | clean |
http://msp-world.ru/static/208 | 200 OK Content-Length: 40614 Content-Type: text/html | clean |
http://msp-world.ru/static/ | 404 Not Found Content-Length: 6126 Content-Type: text/html | clean |
http://msp-world.ru/test404page.js | 404 Not Found Content-Length: 6126 Content-Type: text/html | clean |
http://msp-world.ru/static/206 | 200 OK Content-Length: 28966 Content-Type: text/html | clean |
http://msp-world.ru/static/5667 | 200 OK Content-Length: 20270 Content-Type: text/html | clean |
http://msp-world.ru/static/565 | 200 OK Content-Length: 17262 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: msp-world.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 18:24:26 GMT
Pragma: no-cache
Server: nginx/1.2.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c3f5230339da450eae41e37e75c6823a; path=/
Set-Cookie: stat=8dc98b6624fc244218fb0f7e8ac27000; expires=Thu, 19-Mar-2015 18:24:25 GMT; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: msp-world.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 18:24:26 GMT
Pragma: no-cache
Server: nginx/1.2.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c3f5230339da450eae41e37e75c6823a; path=/
Set-Cookie: stat=8dc98b6624fc244218fb0f7e8ac27000; expires=Thu, 19-Mar-2015 18:24:25 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: msp-world.ru
Referer: http://www.google.com/search?q=msp-world.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: msp-world.ru
Referer: http://www.google.com/search?q=msp-world.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.