Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=newspk.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://newspk.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://newspk.ru/ | 200 OK Content-Length: 53479 Content-Type: text/html | clean |
http://newspk.ru/templates/it_tribune/js/mootools-1.2-core-nc.js | 200 OK Content-Length: 41552 Content-Type: application/x-javascript | clean |
http://newspk.ru/templates/it_tribune/js/mootools-1.2-more.js | 200 OK Content-Length: 17792 Content-Type: application/x-javascript | clean |
http://newspk.ru/templates/it_tribune/js/ice-menu.js | 200 OK Content-Length: 11955 Content-Type: application/x-javascript | clean |
http://newspk.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://newspk.ru/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js | 200 OK Content-Length: 136091 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
if(typeof YAHOO=="undefined"||!YAHOO){var YAHOO={};}YAHOO.namespace=function(){var A=arguments,E=null,C,B,D;for(C=0;C<A.length;C=C+1){D=(""+A[C]).split(".");E=YAHOO;for(B=(D[0]=="YAHOO")?1:0;B<D.length;B=B+1){E[D[B]]=E[D[B]]||{};E=E[D[B]];}}return E;};YAHOO.log=function(D,A,C){var B=YAHOO.widget.Logger;if(B&&B.log){return B.log(D,A,C);}else{return false;}};YAHOO.register=function(A,E,D){var I=YAHOO.env.modules,B,H,G,F,C;if(!I[A]){I[A]={versions:[],builds:[]};}B=I[A];H=D.version;G=D
Antivirus reports:
http://newspk.ru/index.php?option=com_content&view=article&id=12&Itemid=27 | 200 OK Content-Length: 40517 Content-Type: text/html | clean |
http://firmsonmap.api.2gis.ru/js/DGWidgetLoader.js | 200 OK Content-Length: 5334 Content-Type: application/javascript | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=149&Itemid=138 | 200 OK Content-Length: 40844 Content-Type: text/html | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=147&Itemid=139 | 200 OK Content-Length: 43741 Content-Type: text/html | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=6&Itemid=147 | 200 OK Content-Length: 53186 Content-Type: text/html | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=150&Itemid=146 | 200 OK Content-Length: 40409 Content-Type: text/html | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=148&Itemid=144 | 200 OK Content-Length: 39701 Content-Type: text/html | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=11&Itemid=22 | 200 OK Content-Length: 49841 Content-Type: text/html | clean |
http://newspk.ru/index.php?option=com_content&view=article&id=123&Itemid=127 | 200 OK Content-Length: 151376 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: newspk.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Sep 2014 10:22:26 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 3b08b4d62d30e0f37e619c2898ac5e2c=da1a7c7cd7d7e34b616fe27b2bac943d; path=/
X-Cache: HIT from Backend
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: newspk.ru
Referer: http://www.google.com/search?q=newspk.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.